Lucene search
PRIOn knowledge basePRION:CVE-2019-19191HistoryNov 21, 2019 - 6:15 p.m.
Code injection
2019-11-2118:15:00
PRIOn knowledge base
www.prio-n.com
3
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| service_provider | ge | 3.0.0 | |
| service_provider | lt | 3.1.0 |
Related
nessus
nessus
SUSE SLES12 Security Update : shibboleth-sp (SUSE-SU-2020:0115-1)
2020-01-17 00:00:00
openSUSE Security Update : shibboleth-sp (openSUSE-2020-20)
2020-01-15 00:00:00
SUSE SLES15 Security Update : shibboleth-sp (SUSE-SU-2019:3386-1)
2019-12-24 00:00:00
nvd
nvd
CVE-2019-19191
2019-11-21 18:15:12
openvas
openvas
openSUSE: Security Advisory for shibboleth-sp (openSUSE-SU-2020:0020-1)
2020-01-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:3386-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0115-1)
2021-04-19 00:00:00
ubuntucve
ubuntucve
CVE-2019-19191
2019-11-21 00:00:00
debiancve
debiancve
CVE-2019-19191
2019-11-21 18:15:12
cve
cve
CVE-2019-19191
2019-11-21 18:15:12
suse
suse
Security update for shibboleth-sp (moderate)
2020-01-14 00:00:00
cvelist
cvelist
CVE-2019-19191
2019-11-21 17:06:45