Lucene search
MitreCVELIST:CVE-2019-19191HistoryNov 21, 2019 - 5:06 p.m.
CVE-2019-19191
2019-11-2117:06:45
mitre
www.cve.org
0.001 Low
EPSS
Percentile
40.8%
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
Related
openvas
openvas
openSUSE: Security Advisory for shibboleth-sp (openSUSE-SU-2020:0020-1)
2020-01-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:3386-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0115-1)
2021-04-19 00:00:00
nessus
nessus
openSUSE Security Update : shibboleth-sp (openSUSE-2020-20)
2020-01-15 00:00:00
SUSE SLES12 Security Update : shibboleth-sp (SUSE-SU-2020:0115-1)
2020-01-17 00:00:00
SUSE SLES15 Security Update : shibboleth-sp (SUSE-SU-2019:3386-1)
2019-12-24 00:00:00
nvd
nvd
CVE-2019-19191
2019-11-21 18:15:12
ubuntucve
ubuntucve
CVE-2019-19191
2019-11-21 00:00:00
debiancve
debiancve
CVE-2019-19191
2019-11-21 18:15:12
prion
prion
Code injection
2019-11-21 18:15:00
cve
cve
CVE-2019-19191
2019-11-21 18:15:12
suse
suse
Security update for shibboleth-sp (moderate)
2020-01-14 00:00:00