The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html | Broken Link Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html | Broken Link Mailing List Third Party Advisory |
https://bugzilla.suse.com/show_bug.cgi?id=1154302 | Exploit Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: suse
Published: 2020-01-24T00:00:00
Updated: 2020-11-20T15:45:08
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3692
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-24T09:15:13.203
Modified: 2022-11-16T03:05:17.800
Link: CVE-2019-3692
JSON object: View
Redhat Information
No data.
CWE