Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-11481

Опубликовано: 08 фев. 2020
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.1
CVSS3: 3.8

Описание

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.

РелизСтатусПримечание
bionic

released

2.20.9-0ubuntu7.8
devel

released

2.20.11-0ubuntu10
disco

released

2.20.10-0ubuntu27.2
eoan

released

2.20.11-0ubuntu8.1
esm-infra-legacy/trusty

released

2.14.1-0ubuntu3.29+esm2
esm-infra/bionic

released

2.20.9-0ubuntu7.8
esm-infra/xenial

released

2.20.1-0ubuntu2.20
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

released

2.14.1-0ubuntu3.29+esm2

Показывать по

Ссылки на источники

EPSS

Процентиль: 33%
0.00133
Низкий

6.1 Medium

CVSS2

3.8 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-11481

CVSS3: 3.8
nvd
почти 6 лет назад

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.

github логотип

GHSA-7hrm-rprg-v656

CVSS3: 7.8
github
больше 3 лет назад

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.

fstec логотип

BDU:2020-01333

CVSS3: 7.8
fstec
почти 6 лет назад

Уязвимость службы регистрации ошибок apport операционной системы Ubuntu, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 33%
0.00133
Низкий

6.1 Medium

CVSS2

3.8 Low

CVSS3