An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-06T19:24:04
Updated: 2024-08-05T02:16:48.548Z
Reserved: 2019-12-04T00:00:00
Link: CVE-2019-19585
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-01-06T20:15:12.413
Modified: 2024-11-21T04:34:59.897
Link: CVE-2019-19585
Redhat
No data.