SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Generic)  >   GNU GRUB Vendors:   GNU [multiple authors]
GNU GRUB Authentication Bug Lets Local Users Bypass Authentication and Gain Elevated Privileges
SecurityTracker Alert ID:  1034422
SecurityTracker URL:  http://securitytracker.com/id/1034422
CVE Reference:   CVE-2015-8370   (Links to External Site)
Date:  Dec 15 2015
Impact:   Root access via local system
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 1.98 - 2.02
Description:   A vulnerability was reported in GNU GRUB. A local user can obtain elevated privileges on the target system.

A local user can bypass authentication and gain full control of the target system.

The vulnerability resides in 'grub-core/lib/crypto.c' and 'grub-core/normal/auth.c'.

The original advisory is available at:

http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html

Hector Marco and Ismael Ripoll reported this vulnerability.

Impact:   A local user can obtain full control of the target system.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.gnu.org/software/grub/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Dec 15 2015 (Red Hat Issues Fix) GNU GRUB Authentication Bug Lets Local Users Bypass Authentication and Gain Elevated Privileges
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Dec 15 2015 (Ubuntu Issues Fix) GNU GRUB Authentication Bug Lets Local Users Bypass Authentication and Gain Elevated Privileges
Ubuntu has issued a fix for Ubuntu Linux 12.04 LTS, 14.04 LTS, 15.04, and 15.10.
Dec 15 2015 (Oracle Issues Fix for Oracle Linux) GNU GRUB Authentication Bug Lets Local Users Bypass Authentication and Gain Elevated Privileges
Oracle has issued a fix for Oracle Linux 7.
Dec 16 2015 (CentOS Issues Fix) GNU GRUB Authentication Bug Lets Local Users Bypass Authentication and Gain Elevated Privileges
CentOS has issued a fix for CentOS 7.
Jan 19 2016 (Oracle Issues Fix for Solaris) GNU GRUB Authentication Bug Lets Local Users Bypass Authentication and Gain Elevated Privileges
Oracle has issued a fix for Solaris 11.



 Source Message Contents

Date:  Tue, 15 Dec 2015 12:49:55 +0100
Subject:  Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]

Hi everyone,

A vulnerability in Grub2 (Back to 28) has been found. Versions from 1.98
(December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be 
exploited under certain circumstances, allowing local attackers to bypass any 
kind of authentication (plain or hashed passwords). And so, the attacker may 
take control of the computer.


More details at:
http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html


Regards,
Hector Marco & Ismael Ripoll.


-- 
Dr. Hector Marco-Gisbert @ http://hmarco.org/
Cyber Security Researcher @ http://cybersecurity.upv.es
Universitat Politècnica de València (Spain)
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2017, SecurityGlobal.net LLC