Lucene search
PRIOn knowledge basePRION:CVE-2018-19639HistoryMar 05, 2019 - 4:29 p.m.
Command injection
2019-03-0516:29:00
PRIOn knowledge base
www.prio-n.com
3
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing (e.g. with CVE-2018-19638) he can execute arbitrary commands as root.
| CPE | Name | Operator | Version |
|---|---|---|---|
| supportutils | eq | < 3.1-5.7.1 |
Related
cvelist
cvelist
CVE-2018-19639 Code execution if run with command line switch -v
2019-02-21 00:00:00
CVE-2018-19638 User can overwrite arbitrary log files in support tar
2019-02-21 00:00:00
CVE-2018-19640 Code execution if run with command line switch -v
2019-02-21 00:00:00
cve
cve
nvd
nvd
nessus
nessus
openSUSE Security Update : supportutils (openSUSE-2019-293)
2019-03-06 00:00:00
SUSE SLES11 Security Update : supportutils (SUSE-SU-2019:13976-1)
2021-06-10 00:00:00
openSUSE Security Update : hostinfo / supportutils (openSUSE-2019-1351)
2019-05-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:13976-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for supportutils (openSUSE-SU-2019:0293-1)
2019-03-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0480-1)
2021-06-09 00:00:00
suse
suse
Security update for supportutils (important)
2019-03-06 00:00:00
Security update for hostinfo, supportutils (important)
2019-05-08 00:00:00
prion
prion
Code injection
2019-03-05 16:29:00
Directory traversal
2019-03-05 16:29:00