Vulnerability Name:

CVE-2017-15924 (CCN-134195)

Assigned:2017-10-27
Published:2017-10-27
Updated:2019-10-03
Summary:In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions.
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-78
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2017-15924

Source: CCN
Type: oss-sec Mailing List, Fri, 13 Oct 2017 18:44:21 +0200
Advisory X41-2017-010: Command Execution in Shadowsocks-libev

Source: MISC
Type: Mailing List, Third Party Advisory
http://openwall.com/lists/oss-security/2017/10/13/2

Source: DEBIAN
Type: Third Party Advisory
DSA-4009

Source: XF
Type: UNKNOWN
shadowsocks-libev-cve201715924-code-exec(134195)

Source: MISC
Type: Third Party Advisory
https://github.com/shadowsocks/shadowsocks-libev/commit/c67d275803dc6ea22c558d06b1f7ba9f94cd8de3

Source: CCN
Type: shadowsocks-libev GIT Repository
shadowsocks-libev

Source: MISC
Type: Third Party Advisory
https://github.com/shadowsocks/shadowsocks-libev/issues/1734

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-15924

Source: MISC
Type: Exploit, Third Party Advisory
https://www.x41-dsec.de/lab/advisories/x41-2017-010-shadowsocks-libev/

Vulnerable Configuration:Configuration 1:
  • cpe:/a:shadowsocks:shadowsocks-libev:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:1.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:2.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:shadowsocks:shadowsocks-libev:3.1.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:debian:debian_linux:9.2:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:shadowsocks:shadowsocks-libev:3.1.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201715924
    V
    		CVE-2017-15924
    2022-06-30
    oval:org.opensuse.security:def:112828
    P
    		libshadowsocks-libev2-3.3.5-1.9 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106293
    P
    		libshadowsocks-libev2-3.3.5-1.9 on GA media (Moderate)
    2021-10-01
    oval:com.ubuntu.artful:def:201715924000
    V
    		CVE-2017-15924 on Ubuntu 17.10 (artful) - medium.
    2017-10-27
    oval:com.ubuntu.cosmic:def:2017159240000000
    V
    		CVE-2017-15924 on Ubuntu 18.10 (cosmic) - medium.
    2017-10-27
    oval:com.ubuntu.bionic:def:201715924000
    V
    		CVE-2017-15924 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-10-27
    oval:com.ubuntu.bionic:def:2017159240000000
    V
    		CVE-2017-15924 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-10-27
    oval:com.ubuntu.cosmic:def:201715924000
    V
    		CVE-2017-15924 on Ubuntu 18.10 (cosmic) - medium.
    2017-10-27
    BACK
    shadowsocks shadowsocks-libev 1.3
    shadowsocks shadowsocks-libev 1.3.2
    shadowsocks shadowsocks-libev 1.4.0
    shadowsocks shadowsocks-libev 1.4.1
    shadowsocks shadowsocks-libev 1.4.2
    shadowsocks shadowsocks-libev 1.4.3
    shadowsocks shadowsocks-libev 1.4.4
    shadowsocks shadowsocks-libev 1.4.5
    shadowsocks shadowsocks-libev 1.4.6
    shadowsocks shadowsocks-libev 1.4.7
    shadowsocks shadowsocks-libev 1.4.8
    shadowsocks shadowsocks-libev 1.5.0
    shadowsocks shadowsocks-libev 1.5.1
    shadowsocks shadowsocks-libev 1.5.2
    shadowsocks shadowsocks-libev 1.5.3
    shadowsocks shadowsocks-libev 1.6.1
    shadowsocks shadowsocks-libev 1.6.2
    shadowsocks shadowsocks-libev 1.6.3
    shadowsocks shadowsocks-libev 1.6.4
    shadowsocks shadowsocks-libev 2.0.1
    shadowsocks shadowsocks-libev 2.0.2
    shadowsocks shadowsocks-libev 2.0.3
    shadowsocks shadowsocks-libev 2.0.4
    shadowsocks shadowsocks-libev 2.0.5
    shadowsocks shadowsocks-libev 2.0.6
    shadowsocks shadowsocks-libev 2.0.7
    shadowsocks shadowsocks-libev 2.0.8
    shadowsocks shadowsocks-libev 2.1.0
    shadowsocks shadowsocks-libev 2.1.1
    shadowsocks shadowsocks-libev 2.1.2
    shadowsocks shadowsocks-libev 2.1.3
    shadowsocks shadowsocks-libev 2.1.4
    shadowsocks shadowsocks-libev 2.2.0
    shadowsocks shadowsocks-libev 2.2.1
    shadowsocks shadowsocks-libev 2.2.2
    shadowsocks shadowsocks-libev 2.2.3
    shadowsocks shadowsocks-libev 2.3.0
    shadowsocks shadowsocks-libev 2.3.1
    shadowsocks shadowsocks-libev 2.3.2
    shadowsocks shadowsocks-libev 2.3.3
    shadowsocks shadowsocks-libev 2.4.0
    shadowsocks shadowsocks-libev 2.4.1
    shadowsocks shadowsocks-libev 2.4.2
    shadowsocks shadowsocks-libev 2.4.3
    shadowsocks shadowsocks-libev 2.4.4
    shadowsocks shadowsocks-libev 2.4.5
    shadowsocks shadowsocks-libev 2.4.6
    shadowsocks shadowsocks-libev 2.4.7
    shadowsocks shadowsocks-libev 2.4.8
    shadowsocks shadowsocks-libev 2.5.0
    shadowsocks shadowsocks-libev 2.5.1
    shadowsocks shadowsocks-libev 2.5.2
    shadowsocks shadowsocks-libev 2.5.3
    shadowsocks shadowsocks-libev 2.5.4
    shadowsocks shadowsocks-libev 2.5.5
    shadowsocks shadowsocks-libev 2.5.6
    shadowsocks shadowsocks-libev 2.6.0
    shadowsocks shadowsocks-libev 2.6.1
    shadowsocks shadowsocks-libev 2.6.2
    shadowsocks shadowsocks-libev 2.6.3
    shadowsocks shadowsocks-libev 3.0.0
    shadowsocks shadowsocks-libev 3.0.1
    shadowsocks shadowsocks-libev 3.0.2
    shadowsocks shadowsocks-libev 3.0.3
    shadowsocks shadowsocks-libev 3.0.4
    shadowsocks shadowsocks-libev 3.0.5
    shadowsocks shadowsocks-libev 3.0.6
    shadowsocks shadowsocks-libev 3.0.7
    shadowsocks shadowsocks-libev 3.0.8
    shadowsocks shadowsocks-libev 3.1.0
    debian debian linux 9.2
    shadowsocks shadowsocks-libev 3.1.0