6 matches found
CVE-2019-19520
xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGLDRIVERSPATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen...
OpenBSD 6.6 Multiple Authentication Bypass Vulnerabilities
Binary data openbsdauthbypass.nbin...
CVE-2019-19520
creationtimestamp| type| source ---|---|--- 2019-12-05 11:44:38+00:00| published-proof-of-concept| https://t.me/antichat/7241 2019-12-05 12:42:53+00:00| published-proof-of-concept| https://t.me/thehackernews/550 2024-03-07 13:41:38+00:00| seen| https://t.me/ctinow/202390...
OpenBSD Multiple Authentication Vulnerabilities
Multiple authentication vulnerabilities in OpenBSD have been disclosed by Qualys Research Labs. The vulnerabilities are assigned following CVEs: CVE-2019-19522, CVE-2019-19521, CVE-2019-19520, CVE-2019-19519. OpenBSD developers have confirmed the vulnerabilities and also provided a quick response...
Qualys Security Advisory - OpenBSD Authentication Bypass / Privilege Escalation
Qualys Security Advisory Authentication vulnerabilities in OpenBSD ============================================================================== Contents ============================================================================== 1. CVE-2019-19521: Authentication bypass 1.1. Analysis 1.2. Cas...
CVE-2019-19520
OpenBSD 6.6 is affected by CVE-2019-19520 (xlock) where local attackers can escalate to the auth group by manipulating LIBGL_DRIVERS_PATH. Root cause: xenocara/lib/mesa/src/loader/loader.c mishandles dlopen. Impact, per sources, is local privilege escalation; OpenBSD patches exist via syspatch/Op...