cve/CVE-2019-19585.md at 9ac4b787af2fa0b7575b28040edee6199ce9a667

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 17:22:02 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions.

POC

Reference

http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Orange-Cyberdefense/CVE-repository
https://github.com/SexyBeast233/SecBooks
https://github.com/Transmetal/CVE-repository-master
https://github.com/v1k1ngfr/exploits-rconfig

1022 B Raw Blame History

CVE-2019-19585

Description

POC

Reference

Github

1022 B

Raw Blame History