Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.3 views

CVE-2019-19191

Shibboleth Service Provider SP 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user the shibd account after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow...

7.8CVSS6.9AI score0.0048EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.4 views

SUSE CVE-2019-19191

Shibboleth Service Provider SP 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user the shibd account after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow...

8.4CVSS7.1AI score0.0048EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2019:3386-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2020:0115-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/01/17 12:0 a.m.29 views

SUSE SLES12 Security Update : shibboleth-sp (SUSE-SU-2020:0115-1)

This update for shibboleth-sp fixes the following issues : Security issue fixed : CVE-2019-19191: Fixed escalation to root by fixing ownership of log files bsc1157471. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenabl...

7.8CVSS7.4AI score0.0048EPSS
Exploits1References4
OSV
OSV
added 2020/01/16 9:13 a.m.4 views

SUSE-SU-2020:0115-1 Security update for shibboleth-sp

This update for shibboleth-sp fixes the following issues: Security issue fixed: - CVE-2019-19191: Fixed escalation to root by fixing ownership of log files bsc1157471...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/01/14 12:0 a.m.25 views

openSUSE: Security Advisory for shibboleth-sp (openSUSE-SU-2020:0020-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/01/13 12:0 a.m.60 views

Security update for shibboleth-sp (moderate)

openSUSE Security Update: Security update for shibboleth-sp Announcement ID: openSUSE-SU-2020:0020-1 Rating: moderate References: 1157471 Cross-References: CVE-2019-19191 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References1
OSV
OSV
added 2019/12/23 3:57 p.m.6 views

SUSE-SU-2019:3386-1 Security update for shibboleth-sp

This update for shibboleth-sp fixes the following issues: Security issue fixed: - CVE-2019-19191: Fixed escalation to root by fixing ownership of log files bsc1157471...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References3
OSV
OSV
added 2019/11/21 6:15 p.m.8 views

CVE-2019-19191

Shibboleth Service Provider SP 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user the shibd account after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow...

7.8CVSS7.6AI score0.0048EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2019/11/21 6:15 p.m.11 views

CVE-2019-19191

Shibboleth Service Provider SP 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user the shibd account after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow...

7.8CVSS7.1AI score0.0048EPSS
Exploits1References3
CVE
CVE
added 2019/11/21 5:6 p.m.142 views

CVE-2019-19191

CVE-2019-19191 affects Shibboleth Service Provider (SP) 3.x before 3.1.0. The vulnerability arises from a spec file that calls chown on files in a directory owned by the shibd service user, enabling local escalation to root via symlinks (e.g., /etc/shadow). Affected advisories indicate the fix is...

7.8CVSS7.5AI score0.0048EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder