Exploit does not map to CVE-2014-3153 on RHEL 7 #5
Description
CVE-2014-3153 should map to EDBID 35370, but it doesn't.
Reproducer
- Create instance
gcloud compute --project=${PROJECT} instances create test-1 \
--zone=${ZONE} \
--machine-type=n1-standard-1 \
--subnet=default \
--image=rhel-7-v20190312 \
--image-project=rhel-cloud \
--boot-disk-size=20GB \
--boot-disk-type=pd-standard \
--boot-disk-device-name=instance-3
- Downgrade with cyber-range-target, site.yml:
- hosts: localhost
connection: local
become: true
roles:
- cyber-range-target
vars:
cves_to_test:
- CVE-2014-3153
Apply with ansible-playbook site.yml.
- Attempt to map:
git clone https://github.com/redteam-project/exploit-curation
lem host assess --curation exploit-curation --kind stride --score 000009