Lucene search
PRIOn knowledge basePRION:CVE-2018-16588HistorySep 26, 2018 - 10:29 p.m.
Privilege escalation
2018-09-2622:29:00
PRIOn knowledge base
www.prio-n.com
3
Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c code from a 2014-04-02 upstream pull request; however, no non-SUSE distribution is known to be affected.
| CPE | Name | Operator | Version |
|---|---|---|---|
| shadow | eq | <= 4.2.1-27.9.1 | |
| shadow | eq | <= 4.5-5.39 |
Related
suse
suse
Security update for shadow (moderate)
2018-09-25 15:10:22
Security update for shadow (moderate)
2018-09-26 18:28:27
redhatcve
redhatcve
CVE-2018-16588
2018-09-06 15:51:27
nessus
nessus
openSUSE Security Update : shadow (openSUSE-2018-1055)
2018-09-27 00:00:00
openSUSE Security Update : shadow (openSUSE-2018-1051)
2018-09-27 00:00:00
openSUSE Security Update : shadow (openSUSE-2019-721)
2019-03-27 00:00:00
cvelist
cvelist
CVE-2018-16588
2018-09-26 22:00:00
openvas
openvas
openSUSE: Security Advisory for shadow (openSUSE-SU-2018:2852-1)
2018-10-26 00:00:00
openSUSE: Security Advisory for shadow (openSUSE-SU-2018:2885-1)
2018-09-27 00:00:00
debiancve
debiancve
CVE-2018-16588
2018-09-26 22:29:00
cve
cve
CVE-2018-16588
2018-09-26 22:29:00
nvd
nvd
CVE-2018-16588
2018-09-26 22:29:00