Vulnerability Name:

CVE-2018-11319 (CCN-143602)

Assigned: 2018-04-17
Published: 2018-04-17
Updated: 2019-10-03
Summary: Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a directory that is a parent of the base directory of the project being checked.
Note: exploitation is more difficult after 3.8.0 because filename prediction may be needed.
CVSS v3 Severity:
7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): High
Integrity (I): High
Availability (A): High

8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): High
Integrity (I): High
Availability (A): High

CVSS v2 Severity:
8.5 High (CVSS v2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete

9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete

Vulnerability Type: CWE-22
Vulnerability Consequences: Gain Access

References:
Source: MITRE
Type: CNA
CVE-2018-11319

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://bugs.debian.org/894736

Source: XF
Type: UNKNOWN
vimsyntastic-cve201811319-code-exec(143602)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/vim-syntastic/syntastic/commit/6d7c0b394e001233dd09ec473fbea2002c72632f

Source: CCN
Type: syntastic GIT Repository
Checker config files allow arbitrary code execution scenarios #2170

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://github.com/vim-syntastic/syntastic/issues/2170

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180726 [SECURITY] [DLA 1444-1] vim-syntastic security update

Source: DEBIAN
Type: Third Party Advisory
DSA-4261

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:syntastic_project:syntastic:*:*:*:*:*:vim:*:* (Version <= 3.9.0)

Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:com.ubuntu.disco:def:2018113190000000 | V | CVE-2018-11319 on Ubuntu 19.04 (disco) - medium. | 2018-05-20 |
| oval:com.ubuntu.artful:def:201811319000 | V | CVE-2018-11319 on Ubuntu 17.10 (artful) - medium. | 2018-05-20 |
| oval:com.ubuntu.cosmic:def:2018113190000000 | V | CVE-2018-11319 on Ubuntu 18.10 (cosmic) - medium. | 2018-05-20 |
| oval:com.ubuntu.bionic:def:201811319000 | V | CVE-2018-11319 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-05-20 |
| oval:com.ubuntu.bionic:def:2018113190000000 | V | CVE-2018-11319 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-05-20 |
| oval:com.ubuntu.cosmic:def:201811319000 | V | CVE-2018-11319 on Ubuntu 18.10 (cosmic) - medium. | 2018-05-20 |
| oval:com.ubuntu.xenial:def:2018113190000000 | V | CVE-2018-11319 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-05-20 |
| oval:com.ubuntu.xenial:def:201811319000 | V | CVE-2018-11319 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-05-20 |
    syntastic_project syntastic *
    debian debian linux 8.0
    debian debian linux 9.0