Lucene search
Redhat.comRH:CVE-2018-16588HistorySep 06, 2018 - 3:51 p.m.
CVE-2018-16588
2018-09-0615:51:27
redhat.com
access.redhat.com
10
EPSS
0
Percentile
5.1%
Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c code from a 2014-04-02 upstream pull request; however, no non-SUSE distribution is known to be affected.
Related
nessus
nessus
openSUSE Security Update : shadow (openSUSE-2018-1051)
2018-09-27 00:00:00
openSUSE Security Update : shadow (openSUSE-2018-1055)
2018-09-27 00:00:00
openSUSE Security Update : shadow (openSUSE-2019-721)
2019-03-27 00:00:00
cvelist
cvelist
CVE-2018-16588
2018-09-26 22:00:00
suse
suse
Security update for shadow (moderate)
2018-09-26 18:28:27
Security update for shadow (moderate)
2018-09-25 15:10:22
openvas
openvas
openSUSE: Security Advisory for shadow (openSUSE-SU-2018:2885-1)
2018-09-27 00:00:00
openSUSE: Security Advisory for shadow (openSUSE-SU-2018:2852-1)
2018-10-26 00:00:00
nvd
nvd
CVE-2018-16588
2018-09-26 22:29:00
cve
cve
CVE-2018-16588
2018-09-26 22:29:00
prion
prion
Privilege escalation
2018-09-26 22:29:00
debiancve
debiancve
CVE-2018-16588
2018-09-26 22:29:00