Lucene search

Symantec Security ResponseSMNTC-111189

HistoryDec 11, 2019 - 12:00 a.m.

OpenBSD CVE-2019-19726 Local Privilege Escalation Vulnerability

2019-12-1100:00:00

Symantec Security Response

www.symantec.com

0.001 Low

EPSS

Percentile

23.1%

JSON

Description

OpenBSD is prone to a local privilege escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. OpenBSD versions 6.1, 6.2, 6.5 and 6.6 are vulnerable. Other versions may also be affected.

Technologies Affected

OpenBSD Openbsd 6.1
OpenBSD Openbsd 6.2
OpenBSD Openbsd 6.5
OpenBSD Openbsd 6.6

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.

Updates are available. Please see the references or vendor advisory for more information.

CPENameOperatorVersion
openbsd openbsdeq6.5
openbsd openbsdeq6.1
openbsd openbsdeq6.2
openbsd openbsdeq6.6

Name	Operator	Version
openbsd openbsd	eq	6.5
openbsd openbsd	eq	6.1
openbsd openbsd	eq	6.2
openbsd openbsd	eq	6.6

References

www.openbsd.org

www.openbsd.org/errata65.html

www.openbsd.org/errata66.html

www.qualys.com/2019/12/11/cve-2019-19726/local-privilege-escalation-openbsd-dynamic-loader.txt?_ga=2.186159977.1313729771.1576229625-1169152992.1576229625

0.001 Low

EPSS

Percentile

23.1%

JSON

Related for SMNTC-111189