7 matches found
Siemens Ruggedcom ROX Privilege Dropping (CVE-2018-7169)
An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...
GLSA-201805-09 : Shadow: security bypass
The remote host is affected by the vulnerability described in GLSA-201805-09 Shadow: security bypass A local attacker could possibly bypass security restrictions if an administrator used group blacklisting to restrict access to file system paths. Impact : A local attacker could possibly bypass...
Shadow: security bypass
Background Shadow is a set of tools to deal with user accounts. Description A local attacker could possibly bypass security restrictions if an administrator used “group blacklisting” to restrict access to file system paths. Impact A local attacker could possibly bypass security restrictions...
CVE-2018-7169
An issue was discovered in newgidmap, in shadow-utils, that allows an unprivileged user to be placed in a user namespace where setgroups is permitted. An attacker could use this flaw to remove himself from a supplementary group, which may allow access to certain filesystem paths, if the...
CVE-2018-7169
An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...
CVE-2018-7169
An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...
CVE-2018-7169
CVE-2018-7169 affects shadow-tools: shadow 4.5 (shadow-utils) contains a setuid newgidmap that can place an unprivileged user in a user namespace where setgroups(2) is allowed. This enables the user to remove themselves from a supplementary group, potentially bypassing group-based access restrict...