CVE-2019-3693

CVE-2019-3693

A symlink following vulnerability in the packaging of mailman in SUSE SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman.
This issue affects:
SUSE SUSE Linux Enterprise Server 11
mailman versions prior to 2.1.15-9.6.15.1.
SUSE SUSE Linux Enterprise Server 12
mailman versions prior to 2.1.17-3.11.1.
openSUSE Leap 15.1
mailman version 2.1.29-lp151.2.14 and prior versions.

Source: CVE-2019-3693

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다

Time limit is exhausted. Please reload the CAPTCHA.