CVE-2017-15358

Sažetak

Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.

Reference

https://m4.rkw.io/blog/cve201715358-local-root-privesc-in-charles-proxy-42.html
https://www.exploit-db.com/exploits/45107/

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

02-10-2018 - 20:55

Objavljeno

03-08-2018 - 18:29