CVE-2017-8849

7.8 HIGH
Published: May 17, 2017 Modified: May 13, 2026
View on NVD

Description

smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://www.debian.org/security/2017/dsa-3951
Source: cve@mitre.org
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/05/10/3
Source: cve@mitre.org
Exploit Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/98690
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/98737
Source: cve@mitre.org
Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Source: cve@mitre.org
Issue Tracking Patch Third Party Advisory VDB Entry
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Source: cve@mitre.org
Patch Third Party Advisory
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Source: cve@mitre.org
Patch Third Party Advisory
https://security.gentoo.org/glsa/201705-14
Source: cve@mitre.org
Third Party Advisory
https://www.exploit-db.com/exploits/42053/
Source: cve@mitre.org
Exploit Third Party Advisory VDB Entry
https://www.kde.org/info/security/advisory-20170510-2.txt
Source: cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2017/dsa-3951
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/05/10/3
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/98690
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/98737
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch Third Party Advisory VDB Entry
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
https://security.gentoo.org/glsa/201705-14
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.exploit-db.com/exploits/42053/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.kde.org/info/security/advisory-20170510-2.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.8 / 10.0
EPSS (Exploit Probability)
1.9%
78th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

smb4k_project debian

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8