Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.3 views

Siemens Ruggedcom ROX Privilege Dropping (CVE-2018-7169)

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS6.2AI score0.01596EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/05/23 12:0 a.m.41 views

GLSA-201805-09 : Shadow: security bypass

The remote host is affected by the vulnerability described in GLSA-201805-09 Shadow: security bypass A local attacker could possibly bypass security restrictions if an administrator used group blacklisting to restrict access to file system paths. Impact : A local attacker could possibly bypass...

5.3CVSS6.4AI score0.01596EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2018/05/22 12:0 a.m.412 views

Shadow: security bypass

Background Shadow is a set of tools to deal with user accounts. Description A local attacker could possibly bypass security restrictions if an administrator used “group blacklisting” to restrict access to file system paths. Impact A local attacker could possibly bypass security restrictions...

5.3CVSS5.7AI score0.01596EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2018/02/16 5:51 p.m.28 views

CVE-2018-7169

An issue was discovered in newgidmap, in shadow-utils, that allows an unprivileged user to be placed in a user namespace where setgroups is permitted. An attacker could use this flaw to remove himself from a supplementary group, which may allow access to certain filesystem paths, if the...

5.3CVSS3.5AI score0.01596EPSS
Exploits1References1
OSV
OSV
added 2018/02/15 8:29 p.m.20 views

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS6.9AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/02/15 8:29 p.m.28 views

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS6.4AI score0.01596EPSS
Exploits1References3
CVE
CVE
added 2018/02/15 7:0 p.m.113 views

CVE-2018-7169

CVE-2018-7169 affects shadow-tools: shadow 4.5 (shadow-utils) contains a setuid newgidmap that can place an unprivileged user in a user namespace where setgroups(2) is allowed. This enables the user to remove themselves from a supplementary group, potentially bypassing group-based access restrict...

5.3CVSS5.1AI score0.01596EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder