6 matches found
CVE-2019-19882
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...
CVE-2019-19882
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...
CVE-2019-19882
CVE-2019-19882 affects Shadow 4.8 when built with --with-libpam but without --disable-account-tools-setuid and without a PAM config compatible with setuid tools, enabling local users to escalate to root via account-management utilities (groupadd, groupdel, groupmod, useradd, userdel, usermod). Th...
CVE-2019-19882
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...
CVE-2019-19882
shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...
Shadow CVE-2019-19882 Multiple Local Privilege Escalation Vulnerabilities
Description Shadow is prone to multiple local privilege-escalation vulnerabilities. A local attacker can exploit these issues to gain elevated privileges. Shadow 4.8 is vulnerable; other versions may also be affected. Technologies Affected Shadow-Maint Shadow 4.8 Recommendations Permit local acce...