 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2019-3827 |
| Description: | An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running under privileges of users belonging to the wheel group to further escalate its privileges by modifying system files without user's knowledge. Successful exploitation requires uncommon system configuration. |
| Test IDs: | 1.3.6.1.4.1.25623.1.1.10.2019.0080 1.3.6.1.4.1.25623.1.0.843906 1.3.6.1.4.1.25623.1.0.852321 1.3.6.1.4.1.25623.1.1.2.2019.2156 1.3.6.1.4.1.25623.1.1.4.2019.0438.1 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-3827 RedHat Security Advisories: RHSA-2019:1517 https://access.redhat.com/errata/RHSA-2019:1517 RedHat Security Advisories: RHSA-2019:2145 https://access.redhat.com/errata/RHSA-2019:2145 |