Description
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
References
- Exploit, Issue Tracking, Third Party Advisory
- Issue Tracking, Vendor Advisory
- Exploit, Issue Tracking, Third Party Advisory
- Issue Tracking, Vendor Advisory
Vulnerable configurations
Configuration 1: versions from 3.0.0 (inclusive) to 3.1.0 (exclusive)
cpe:2.3:a:shibboleth:service_provider:*:*:*:*:*:*:*:*
EPSS: 0.00172 (Low), percentile: 39%
CVSS3: 7.8 High
CVSS2: 7.2 High
Weaknesses
CWE-59
Related vulnerabilities
CVSS3: 7.8
ubuntu
about 6 years ago
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
CVSS3: 7.8
debian
about 6 years ago
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ...