Rapid7 Vulnerability & Exploit Database

Ubuntu: USN-4801-1 (CVE-2017-1000203): ROOT vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Ubuntu: USN-4801-1 (CVE-2017-1000203): ROOT vulnerability

Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
11/17/2017
Created
03/29/2023
Added
03/22/2023
Modified
11/15/2024

Description

ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution

Solution(s)

  • ubuntu-pro-upgrade-libroot-bindings-python5-34
  • ubuntu-pro-upgrade-libroot-bindings-ruby5-34
  • ubuntu-pro-upgrade-libroot-core5-34
  • ubuntu-pro-upgrade-libroot-geom5-34
  • ubuntu-pro-upgrade-libroot-graf2d-gpad5-34
  • ubuntu-pro-upgrade-libroot-graf2d-graf5-34
  • ubuntu-pro-upgrade-libroot-graf2d-postscript5-34
  • ubuntu-pro-upgrade-libroot-graf3d-eve5-34
  • ubuntu-pro-upgrade-libroot-graf3d-g3d5-34
  • ubuntu-pro-upgrade-libroot-graf3d-gl5-34
  • ubuntu-pro-upgrade-libroot-gui-ged5-34
  • ubuntu-pro-upgrade-libroot-gui5-34
  • ubuntu-pro-upgrade-libroot-hist-spectrum5-34
  • ubuntu-pro-upgrade-libroot-hist5-34
  • ubuntu-pro-upgrade-libroot-html5-34
  • ubuntu-pro-upgrade-libroot-io-xmlparser5-34
  • ubuntu-pro-upgrade-libroot-io5-34
  • ubuntu-pro-upgrade-libroot-math-foam5-34
  • ubuntu-pro-upgrade-libroot-math-genvector5-34
  • ubuntu-pro-upgrade-libroot-math-mathcore5-34
  • ubuntu-pro-upgrade-libroot-math-mathmore5-34
  • ubuntu-pro-upgrade-libroot-math-matrix5-34
  • ubuntu-pro-upgrade-libroot-math-minuit5-34
  • ubuntu-pro-upgrade-libroot-math-mlp5-34
  • ubuntu-pro-upgrade-libroot-math-physics5-34
  • ubuntu-pro-upgrade-libroot-math-quadp5-34
  • ubuntu-pro-upgrade-libroot-math-smatrix5-34
  • ubuntu-pro-upgrade-libroot-math-splot5-34
  • ubuntu-pro-upgrade-libroot-math-unuran5-34
  • ubuntu-pro-upgrade-libroot-misc-memstat5-34
  • ubuntu-pro-upgrade-libroot-misc-minicern5-34
  • ubuntu-pro-upgrade-libroot-misc-table5-34
  • ubuntu-pro-upgrade-libroot-montecarlo-eg5-34
  • ubuntu-pro-upgrade-libroot-montecarlo-vmc5-34
  • ubuntu-pro-upgrade-libroot-net-auth5-34
  • ubuntu-pro-upgrade-libroot-net-bonjour5-34
  • ubuntu-pro-upgrade-libroot-net-ldap5-34
  • ubuntu-pro-upgrade-libroot-net5-34
  • ubuntu-pro-upgrade-libroot-proof-proofplayer5-34
  • ubuntu-pro-upgrade-libroot-proof5-34
  • ubuntu-pro-upgrade-libroot-roofit5-34
  • ubuntu-pro-upgrade-libroot-static
  • ubuntu-pro-upgrade-libroot-tmva5-34
  • ubuntu-pro-upgrade-libroot-tree-treeplayer5-34
  • ubuntu-pro-upgrade-libroot-tree5-34
  • ubuntu-pro-upgrade-root-plugin-geom-gdml
  • ubuntu-pro-upgrade-root-plugin-geom-geombuilder
  • ubuntu-pro-upgrade-root-plugin-geom-geompainter
  • ubuntu-pro-upgrade-root-plugin-graf2d-asimage
  • ubuntu-pro-upgrade-root-plugin-graf2d-qt
  • ubuntu-pro-upgrade-root-plugin-graf2d-x11
  • ubuntu-pro-upgrade-root-plugin-graf3d-x3d
  • ubuntu-pro-upgrade-root-plugin-gui-fitpanel
  • ubuntu-pro-upgrade-root-plugin-gui-guibuilder
  • ubuntu-pro-upgrade-root-plugin-gui-qt
  • ubuntu-pro-upgrade-root-plugin-gui-sessionviewer
  • ubuntu-pro-upgrade-root-plugin-hist-hbook
  • ubuntu-pro-upgrade-root-plugin-hist-histpainter
  • ubuntu-pro-upgrade-root-plugin-hist-spectrumpainter
  • ubuntu-pro-upgrade-root-plugin-io-sql
  • ubuntu-pro-upgrade-root-plugin-io-xml
  • ubuntu-pro-upgrade-root-plugin-math-fftw3
  • ubuntu-pro-upgrade-root-plugin-math-fumili
  • ubuntu-pro-upgrade-root-plugin-math-minuit2
  • ubuntu-pro-upgrade-root-plugin-montecarlo-pythia8
  • ubuntu-pro-upgrade-root-plugin-net-globus
  • ubuntu-pro-upgrade-root-plugin-net-krb5
  • ubuntu-pro-upgrade-root-plugin-sql-mysql
  • ubuntu-pro-upgrade-root-plugin-sql-odbc
  • ubuntu-pro-upgrade-root-plugin-sql-pgsql
  • ubuntu-pro-upgrade-root-plugin-tree-treeviewer
  • ubuntu-pro-upgrade-root-system
  • ubuntu-pro-upgrade-root-system-bin
  • ubuntu-pro-upgrade-root-system-common
  • ubuntu-pro-upgrade-root-system-proofd
  • ubuntu-pro-upgrade-root-system-rootd
  • ubuntu-pro-upgrade-ttf-root-installer

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;