Lucene search
DebianCVELIST:CVE-2019-3461HistoryJan 10, 2019 - 12:00 a.m.
CVE-2019-3461
2019-01-1000:00:00
debian
www.cve.org
Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14.
CNA Affected
[
{
"product": "tmpreaper",
"vendor": "Debian GNU/Linux",
"versions": [
{
"status": "affected",
"version": "1.6.13+nmu1"
}
]
}
]Related
ubuntu
ubuntu
tmpreaper vulnerability
2019-07-29 00:00:00
debian
debian
[SECURITY] [DSA 4365-1] tmpreaper security update
2019-01-10 21:35:11
[SECURITY] [DLA 1640-1] tmpreaper security update
2019-01-24 20:15:35
prion
prion
Race condition
2019-02-04 18:29:00
cve
cve
CVE-2019-3461
2019-02-04 18:29:00
debiancve
debiancve
CVE-2019-3461
2019-02-04 18:29:00
openvas
openvas
Debian: Security Advisory (DSA-4365-1)
2019-01-09 00:00:00
Ubuntu: Security Advisory (USN-4077-1)
2019-07-30 00:00:00
Debian: Security Advisory (DLA-1640-1)
2019-01-24 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : tmpreaper vulnerability (USN-4077-1)
2019-08-12 00:00:00
Debian DLA-1640-1 : tmpreaper security update
2019-01-25 00:00:00
Debian DSA-4365-1 : tmpreaper - security update
2019-01-14 00:00:00
nvd
nvd
CVE-2019-3461
2019-02-04 18:29:00
ubuntucve
ubuntucve
CVE-2019-3461
2019-02-04 00:00:00
kitploit
kitploit
PathAuditor - Detecting Unsafe Path Access Patterns
2019-12-20 11:30:00
veracode
veracode
Privilege Escalation
2020-09-21 06:18:12
osv
osv
tmpreaper - security update
2019-01-10 00:00:00
tmpreaper - security update
2019-01-24 00:00:00