Sign-up

ID

VAR-201412-0527


CVE

CVE-2014-5284


TITLE

OSSEC of host-deny.sh In hosts.deny Vulnerabilities that change access restrictions

Trust: 0.8

sources: JVNDB: JVNDB-2014-005724

DESCRIPTION

host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed. OSSEC is prone to an insecure temporary file-creation vulnerability. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Other attacks may also be possible. OSSEC 2.8 is vulnerable; other versions may also be affected

Trust: 1.98

sources: NVD: CVE-2014-5284 // JVNDB: JVNDB-2014-005724 // BID: 70149 // VULMON: CVE-2014-5284

AFFECTED PRODUCTS

vendor:ossecmodel:ossecscope:lteversion:2.8.0

Trust: 1.0

vendor:ossecmodel:ossecscope:ltversion:2.8.1

Trust: 0.8

vendor:ossecmodel:ossecscope:eqversion:2.8.0

Trust: 0.6

vendor:trend micromodel:ossecscope:eqversion:2.8

Trust: 0.3

vendor:trend micromodel:ossecscope:neversion:2.8.1

Trust: 0.3

sources: BID: 70149 // JVNDB: JVNDB-2014-005724 // CNNVD: CNNVD-201410-1186 // NVD: CVE-2014-5284

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-5284
value: HIGH

Trust: 1.0

NVD: CVE-2014-5284
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201410-1186
value: HIGH

Trust: 0.6

VULMON: CVE-2014-5284
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-5284
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2014-5284 // JVNDB: JVNDB-2014-005724 // CNNVD: CNNVD-201410-1186 // NVD: CVE-2014-5284

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-2014-005724 // NVD: CVE-2014-5284

THREAT TYPE

local

Trust: 0.9

sources: BID: 70149 // CNNVD: CNNVD-201410-1186

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201410-1186

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-005724

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-2014-5284

PATCH
title:ossec/ossec-hidsurl:https://github.com/ossec/ossec-hids/releases/tag/2.8.1
Trust: 0.8
title:ossec-hids-2.8.1url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54415
Trust: 0.6
title:CVE-2014-5284url:https://github.com/mbadanoiu/CVE-2014-5284 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/Shadowshusky/linux-kernel-exploits 
Trust: 0.1
title:Linux-kernel-EoP-expurl:https://github.com/De4dCr0w/Linux-kernel-EoP-exp 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/Feng4/linux-kernel-exploits 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/zyjsuper/linux-kernel-exploits 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/vahalen/linux-kernel-exploits 
Trust: 0.1
title:linux-expurl:https://github.com/QChiLan/linux-exp 
Trust: 0.1
title:LinuxEelvationurl:https://github.com/Al1ex/LinuxEelvation 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/Straight-wood/linux-kernel-exploits 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/yige666/linux-kernel-exploits 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/kumardineshwar/linux-kernel-exploits 
Trust: 0.1
title:linux-expurl:https://github.com/coffee727/linux-exp 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/m0mkris/linux-kernel-exploits 
Trust: 0.1
title:LinuxElevationurl:https://github.com/Al1ex/LinuxElvation 
Trust: 0.1
title:LinuxEelvationurl:https://github.com/fei9747/LinuxEelvation 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/C0dak/linux-kernel-exploits 
Trust: 0.1
title:local-root-exploit-url:https://github.com/sohaip-hackerDZ/local-root-exploit- 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/xssfile/linux-kernel-exploits 
Trust: 0.1
title:Localroot-ALL-CVEurl:https://github.com/Snoopy-Sec/Localroot-ALL-CVE 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/xfinest/linux-kernel-exploits 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/SecWiki/linux-kernel-exploits 
Trust: 0.1
title:linux-kernel-exploitsurl:https://github.com/Micr067/linux-kernel-exploits 
Trust: 0.1
title:LinuxElevationurl:https://github.com/Al1ex/LinuxElevation 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2014-5284 // 
            
            
            
            JVNDB: JVNDB-2014-005724 // 
            
            
            
            CNNVD: CNNVD-201410-1186

EXTERNAL IDS
db:NVDid:CVE-2014-5284
Trust: 2.8
db:PACKETSTORMid:129111
Trust: 1.7
db:EXPLOIT-DBid:35234
Trust: 1.7
db:BIDid:70149
Trust: 1.0
db:JVNDBid:JVNDB-2014-005724
Trust: 0.8
db:CNNVDid:CNNVD-201410-1186
Trust: 0.6
db:VULMONid:CVE-2014-5284
Trust: 0.1
sources:
            
            
            VULMON: CVE-2014-5284 // 
            
            
            
            BID: 70149 // 
            
            
            
            JVNDB: JVNDB-2014-005724 // 
            
            
            
            CNNVD: CNNVD-201410-1186 // 
            
            
            
            NVD: CVE-2014-5284

REFERENCES
url:https://github.com/ossec/ossec-hids/releases/tag/2.8.1
Trust: 2.0
url:http://packetstormsecurity.com/files/129111/ossec-2.8-privilege-escalation.html
Trust: 1.7
url:http://www.exploit-db.com/exploits/35234
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5284
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5284
Trust: 0.8
url:http://www.securityfocus.com/bid/70149
Trust: 0.7
url:http://www.ossec.net/?p=1135
Trust: 0.3
url: http://www.ossec.net/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/264.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/35234/
Trust: 0.1
url:https://github.com/mbadanoiu/cve-2014-5284
Trust: 0.1
sources:
            
            
            VULMON: CVE-2014-5284 // 
            
            
            
            BID: 70149 // 
            
            
            
            JVNDB: JVNDB-2014-005724 // 
            
            
            
            CNNVD: CNNVD-201410-1186 // 
            
            
            
            NVD: CVE-2014-5284

CREDITS
Jeff Petersen
Trust: 0.9
sources:
            
            
            BID: 70149 // 
            
            
            
            CNNVD: CNNVD-201410-1186

SOURCES
db:VULMONid:CVE-2014-5284
db:BIDid:70149
db:JVNDBid:JVNDB-2014-005724
db:CNNVDid:CNNVD-201410-1186
db:NVDid:CVE-2014-5284

LAST UPDATE DATE
2025-04-13T23:37:37.113000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2014-5284date:2014-12-02T00:00:00
db:BIDid:70149date:2014-09-09T00:00:00
db:JVNDBid:JVNDB-2014-005724date:2014-12-03T00:00:00
db:CNNVDid:CNNVD-201410-1186date:2014-12-02T00:00:00
db:NVDid:CVE-2014-5284date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULMONid:CVE-2014-5284date:2014-12-02T00:00:00
db:BIDid:70149date:2014-09-09T00:00:00
db:JVNDBid:JVNDB-2014-005724date:2014-12-03T00:00:00
db:CNNVDid:CNNVD-201410-1186date:2014-09-09T00:00:00
db:NVDid:CVE-2014-5284date:2014-12-02T01:59:04.763