Vulnerability Name:

CVE-2017-6590 (CCN-123441)

Assigned: 2017-02-27
Published: 2017-02-27
Updated: 2019-10-03
Summary: An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation requires physical access to the locked computer and the Wi-Fi must be turned on. An access point that lets you use a certificate to log in is required as well, but it's easy to create one. Then, it's possible to open a nautilus window and browse directories. One also can open some applications such as Firefox, which is useful for downloading malicious binaries.
CVSS v3 Severity: 6.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
5.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Physical
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-863
Vulnerability Consequences: Bypass Security
References:
Source: MITRE
Type: CNA
CVE-2017-6590

Source: SECTRACK
Type: UNKNOWN
1037977

Source: CCN
Type: Launchpad Bug #1668321
Vulnerability allows read/write/exec access on Ubuntu 16.04 Screenlock as lightdm user

Source: CONFIRM
Type: Issue Tracking, Patch
https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1668321

Source: XF
Type: UNKNOWN
ubuntu-cve20176590-sec-bypass(123441)

Source: GENTOO
Type: UNKNOWN
GLSA-201707-09

Source: CONFIRM
Type: Patch, Vendor Advisory
https://www.ubuntu.com/usn/usn-3217-1/

Source: MISC
Type: Exploit, Third Party Advisory
https://www.youtube.com/watch?v=Fp2lwRVg0l0

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:ubuntu:ubuntu:14.04:*:*:*:lts:*:*:*
  • OR cpe:/o:ubuntu:ubuntu:16.04:*:*:*:lts:*:*:*

* Denotes that component is vulnerable
OVAL Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:646 | P | Security update for php7 (Moderate) (in QA) | 2022-10-04
oval:org.opensuse.security:def:789 | P | Security update for python39 (Important) | 2022-10-01
oval:org.opensuse.security:def:20176590 | V | CVE-2017-6590 | 2022-09-02
oval:org.opensuse.security:def:678 | P | Security update for python-ujson (Moderate) | 2022-08-04
oval:org.opensuse.security:def:3547 | P | libIlmImf-Imf_2_1-21-2.1.0-6.13.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:1598 | P | Security update for oracleasm (Important) (in QA) | 2022-06-24
oval:org.opensuse.security:def:95177 | P | NetworkManager-applet-1.24.0-150400.2.9 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:1370 | P | Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP3) (Important) | 2022-06-06
oval:org.opensuse.security:def:1694 | P | Security update for frr (Important) | 2022-03-18
oval:org.opensuse.security:def:1242 | P | Security update for cyrus-sasl (Important) | 2022-03-07
oval:org.opensuse.security:def:1714 | P | Security update for nodejs14 (Moderate) | 2022-01-18
oval:org.opensuse.security:def:111913 | P | NetworkManager-applet-1.24.0-1.2 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:1138 | P | Security update for go1.17 (Moderate) | 2021-12-01
oval:org.opensuse.security:def:49455 | P | Security update for php74 (Moderate) | 2021-11-18
oval:org.opensuse.security:def:105481 | P | NetworkManager-applet-1.24.0-1.2 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:66934 | P | Security update for clamav-database (Important) | 2021-09-27
oval:org.opensuse.security:def:1125 | P | Security update for the Linux Kernel (Important) | 2021-09-23
oval:org.opensuse.security:def:71163 | P | cups-2.2.7-3.11.7 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:71353 | P | openvpn-2.4.3-5.3.19 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:71276 | P | libltdl7-2.4.6-1.406 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:64576 | P | Security update for libcroco (Moderate) | 2021-09-16
oval:org.opensuse.security:def:64766 | P | Security update for libcroco (Moderate) | 2021-09-16
oval:org.opensuse.security:def:70290 | P | Security update for xen (Important) | 2021-09-03
oval:org.opensuse.security:def:1481 | P | Security update for apache2 (Important) | 2021-09-03
oval:org.opensuse.security:def:47335 | P | libcairo-gobject2-1.15.2-24.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47311 | P | libXRes1-1.0.7-3.53 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47752 | P | libopenjp2-7-2.1.0-4.9.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47528 | P | xalan-j2-2.7.0-264.133 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47325 | P | libXvMC1-1.0.8-7.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47620 | P | git-core-2.12.3-27.14.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47900 | P | sysvinit-tools-2.88+-99.15 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47771 | P | libpulse-mainloop-glib0-32bit-5.0-4.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47446 | P | mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47621 | P | glib2-lang-2.48.2-10.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48114 | P | libgcab-1_0-0-0.6-1.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47863 | P | python-PyYAML-3.12-26.6.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47639 | P | gv-3.7.4-1.36 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47635 | P | gstreamer-plugins-good-1.8.3-15.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47659 | P | krb5-appl-clients-1.0.3-1.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48198 | P | libsqlite3-0-3.8.10.2-9.12.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48011 | P | fuse-2.9.3-6.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48081 | P | libXp6-1.0.2-3.57 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47756 | P | libopenvswitch-2_8-0-2.8.4-3.36 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47660 | P | lcms2-2.7-9.7.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48260 | P | patch-2.7.5-8.5.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47199 | P | ant-1.9.4-1.31 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48225 | P | libxcb-dri2-0-1.10-4.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48173 | P | libpng15-15-1.5.22-9.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47949 | P | apache2-2.4.23-29.43.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47674 | P | libXext6-1.3.2-4.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48325 | P | tomcat-9.0.21-3.13.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47200 | P | apache-commons-beanutils-1.9.2-1.149 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48309 | P | squashfs-4.3-6.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48321 | P | tar-1.27.1-15.3.7 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48120 | P | libgssglue1-0.4-3.76 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47795 | P | libtcnative-1-0-1.2.17-1.12 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48356 | P | zoo-2.10-1020.56 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47214 | P | bash-4.3-82.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47310 | P | libX11-6-1.6.2-11.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48212 | P | libupsclient1-2.7.4-3.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47988 | P | davfs2-1.5.2-2.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:1733 | P | Security update for the Linux Kernel (Important) | 2021-08-14
oval:org.opensuse.security:def:1099 | P | libopenssl-1_1-devel-1.1.1d-11.20.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:101021 | P | mozilla-nspr-32bit-4.25.1-3.17.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:1014 | P | iscsiuio-0.7.8.6-30.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:101209 | P | libnma0-1.8.24-5.2 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:72522 | P | libnma0-1.8.24-5.2 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:62803 | P | libnma0-1.8.24-5.2 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:100782 | P | apparmor-abstractions-2.13.6-1.31 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:1774 | P | Security update for bluez (Moderate) | 2021-07-22
oval:org.opensuse.security:def:68013 | P | Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important) | 2021-07-14
oval:org.opensuse.security:def:66842 | P | Security update for ovmf (Important) | 2021-06-24
oval:org.opensuse.security:def:48436 | P | groff-1.22.2-5.287 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48619 | P | rtkit-0.11_git201205151338-8.14 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48360 | P | MozillaFirefox-45.4.0esr-81.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48467 | P | libXfont1-1.5.1-10.3 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48681 | P | libfbembed2_5-2.5.2.26539-13.42 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48574 | P | logrotate-3.8.7-3.14 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48538 | P | libpoppler-glib8-0.43.0-15.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48746 | P | libssh4-0.6.3-8.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48658 | P | yast2-core-3.1.23-6.38 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48777 | P | gstreamer-0_10-plugins-bad-0.10.23-20.51 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48720 | P | gcc48-gij-32bit-4.8.5-24.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48848 | P | libFLAC++6-32bit-1.3.0-11.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48785 | P | libIlmImf-Imf_2_1-21-32bit-2.1.0-4.5 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48816 | P | rhythmbox-3.4-6.14 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:2436 | P | NetworkManager-applet-1.8.10-3.39 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48887 | P | telepathy-idle-0.2.0-1.62 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:63525 | P | NetworkManager-applet-1.8.10-3.39 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48371 | P | apache2-mod_perl-2.0.8-11.43 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48535 | P | libpng15-15-1.5.22-4.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48427 | P | git-core-1.8.5.6-18.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:73625 | P | Security update for libxml2 (Important) | 2021-05-19
oval:org.opensuse.security:def:64489 | P | Security update for p7zip (Moderate) | 2021-05-04
oval:org.opensuse.security:def:64679 | P | Security update for permissions (Important) | 2021-05-04
oval:org.opensuse.security:def:66749 | P | Security update for the Linux Kernel (Important) | 2021-04-21
oval:org.opensuse.security:def:68113 | P | Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important) | 2021-03-17
oval:org.opensuse.security:def:70000 | P | Security update for openldap2 (Important) | 2021-03-08
oval:org.opensuse.security:def:2475 | P | NetworkManager-applet-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107448 | P | libnma-devel-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63564 | P | NetworkManager-applet-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:71466 | P | curl-7.66.0-2.59 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:72406 | P | libnma-devel-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:94069 | P | libnma-devel-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:62687 | P | libnma-devel-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2516 | P | NetworkManager-applet-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107687 | P | NetworkManager-applet-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63605 | P | NetworkManager-applet-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:103575 | P | libnm-gtk-devel-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:117006 | P | libnma-devel-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:94308 | P | NetworkManager-applet-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:72178 | P | libnm-gtk-devel-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:89920 | P | libnm-gtk-devel-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:62459 | P | libnm-gtk-devel-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:103748 | P | NetworkManager-applet-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:117202 | P | NetworkManager-applet-1.8.24-5.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:72289 | P | libnm-gtk-devel-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:90093 | P | NetworkManager-applet-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:62570 | P | libnm-gtk-devel-1.8.10-3.39 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:50120 | P | jakarta-commons-fileupload on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50174 | P | NetworkManager-applet on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:66657 | P | xscreensaver on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49512 | P | firewall-applet on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49566 | P | libnm-gtk-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50161 | P | libpurple on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:70105 | P | libnma-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50215 | P | NetworkManager-applet on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73440 | P | libnma-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49629 | P | gdm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49683 | P | libnma-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:70185 | P | pam-devel-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73322 | P | subversion on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:67823 | P | tboot on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50081 | P | libwsman-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:67923 | P | libnm-gtk-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50135 | P | NetworkManager-applet on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49401 | P | firewall-applet on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73507 | P | jython on GA media (Moderate) | 2020-12-01
oval:com.ubuntu.precise:def:20176590000 | V | CVE-2017-6590 on Ubuntu 12.04 LTS (precise) - medium. | 2017-03-09
oval:com.ubuntu.xenial:def:201765900000000 | V | CVE-2017-6590 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-03-09
oval:com.ubuntu.trusty:def:20176590000 | V | CVE-2017-6590 on Ubuntu 14.04 LTS (trusty) - medium. | 2017-03-09
oval:com.ubuntu.xenial:def:20176590000 | V | CVE-2017-6590 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-03-09

canonical ubuntu linux 12.04
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 16.10
ubuntu ubuntu 14.04
ubuntu ubuntu 16.04