CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14681

The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill `cat /pathname/p3scan.pid`" command, as demonstrated by etc/init.d/p3scan.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.8%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

https://sourceforge.net/p/p3scan/bugs/33/
https://sourceforge.net/p/p3scan/bugs/33/

Products affected by CVE-2017-14681

P3scan Project » P3scan » Version: 3.0

cpe:2.3:a:p3scan_project:p3scan:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14681

Products

Pricing

Contact Us