13 matches found
CVE-2019-3690
creationtimestamp| type| source ---|---|--- 2024-03-07 18:06:52+00:00| seen| https://t.me/ctinow/202617...
SUSE SLES12 Security Update : permissions (SUSE-SU-2021:2280-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2280-1 advisory. - Fork package for 12-SP5 bsc1155939 - make btmp root:utmp bsc1050467, bsc1182899 - pcp: remove no longer needed / conflicting...
SUSE SLES11 Security Update : permissions (SUSE-SU-2019:14237-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2019:14237-1 advisory. - The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 please also check the additiona...
SUSE: Security Advisory (SUSE-SU-2019:3182-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:14237-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3180-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for permissions (openSUSE-SU-2019:2672-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : permissions (openSUSE-2019-2672)
This update for permissions fixes the following issues : - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary bsc1093414. - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic...
Security update for permissions (moderate)
openSUSE Security Update: Security update for permissions Announcement ID: openSUSE-SU-2019:2672-1 Rating: moderate References: 1093414 1150734 1157198 Cross-References: CVE-2019-3688 CVE-2019-3690 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata ...
SUSE SLED12 / SLES12 Security Update : permissions (SUSE-SU-2019:3183-1)
This update for permissions fixes the following issues : Security issues fixed : CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary bsc1093414. CVE-2019-3690: Fixed a privilege escalation throug...
CVE-2019-3690 chkstat follows untrusted symbolic links
The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 please also check the additional hardenings after this fix. This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges...
CVE-2019-3690
CVE-2019-3690 originates from the chkstat tool in the permissions package, which followed symlinks before commit, enabling local privilege escalation for attackers with control over a traversed path. Connected advisories confirm this vulnerability in SUSE products and document a fix in the relate...
SUSE-SU-2019:3180-1 Security update for permissions
This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary bsc1093414. - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic...