Vulnerability Name:

CVE-2016-9956 (CCN-122528)

Assigned:2016-12-14
Published:2016-12-14
Updated:2020-10-22
Summary:The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-284
Vulnerability Consequences:File Manipulation
References:Source: MITRE
Type: CNA
CVE-2016-9956

Source: DEBIAN
Type: Third Party Advisory
DSA-3742

Source: CCN
Type: FlightGear Web site
Introduction – FlightGear Flight Simulator

Source: CCN
Type: oss-sec Mailing List, Wed, 14 Dec 2016 16:57:11 +0100
CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[oss-security] 20161214 CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[oss-security] 20161215 Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20161216 Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files

Source: BID
Type: Third Party Advisory, VDB Entry
94945

Source: CCN
Type: BID-94945
FlightGear CVE-2016-9956 Arbitrary File Overwrite Vulnerability

Source: XF
Type: UNKNOWN
flightgear-cve20169956-file-overwrite(122528)

Source: FEDORA
Type: Third Party Advisory
FEDORA-2016-01eba63bcc

Source: FEDORA
Type: Third Party Advisory
FEDORA-2016-a1f774c3d7

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://sourceforge.net/p/flightgear/flightgear/ci/280cd523686fbdb175d50417266d2487a8ce67d2/

Source: CONFIRM
Type: Patch, Release Notes, Third Party Advisory
https://sourceforge.net/projects/flightgear/files/release-2016.4/

Source: UBUNTU
Type: UNKNOWN
USN-4588-1

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-9956

Vulnerable Configuration:Configuration 1:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:24:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:25:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:flightgear:flightgear:*:*:*:*:*:*:*:* (Version <= 2016.4.3)

    • Configuration CCN 1:
  • cpe:/a:flightgear:flightgear:2016.4.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:111887
    P
    		FlightGear-2020.3.11-1.3 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105466
    P
    		FlightGear-2020.3.11-1.3 on GA media (Moderate)
    2021-10-01
    oval:com.ubuntu.cosmic:def:201699560000000
    V
    		CVE-2016-9956 on Ubuntu 18.10 (cosmic) - medium.
    2017-02-22
    oval:com.ubuntu.artful:def:20169956000
    V
    		CVE-2016-9956 on Ubuntu 17.10 (artful) - medium.
    2017-02-22
    oval:com.ubuntu.trusty:def:20169956000
    V
    		CVE-2016-9956 on Ubuntu 14.04 LTS (trusty) - medium.
    2017-02-22
    oval:com.ubuntu.bionic:def:201699560000000
    V
    		CVE-2016-9956 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-02-22
    oval:com.ubuntu.bionic:def:20169956000
    V
    		CVE-2016-9956 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-02-22
    oval:com.ubuntu.xenial:def:20169956000
    V
    		CVE-2016-9956 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-02-22
    oval:com.ubuntu.xenial:def:201699560000000
    V
    		CVE-2016-9956 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-02-22
    oval:com.ubuntu.cosmic:def:20169956000
    V
    		CVE-2016-9956 on Ubuntu 18.10 (cosmic) - medium.
    2017-02-22
    oval:com.ubuntu.disco:def:201699560000000
    V
    		CVE-2016-9956 on Ubuntu 19.04 (disco) - medium.
    2017-02-22
    oval:com.ubuntu.precise:def:20169956000
    V
    		CVE-2016-9956 on Ubuntu 12.04 LTS (precise) - medium.
    2017-02-22
    oval:org.cisecurity:def:1662
    P
    		DSA-3742-1 -- flightgear -- security update
    2017-01-27
    BACK
    debian debian linux 8.0
    fedoraproject fedora 24
    fedoraproject fedora 25
    flightgear flightgear *
    flightgear flightgear 2016.4.3