A vulnerability classified as critical was found in SuSE Linux Enterprise Server up to 11 (Operating System). This vulnerability affects an unknown part of the component mailman. The manipulation with an unknown input leads to a symlink vulnerability. The CWE definition for the vulnerability is CWE-61. The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions.

The weakness was published 01/24/2020 as Bug 1154328 as confirmed bug report (Bugzilla). The advisory is shared for download at bugzilla.suse.com. This vulnerability was named CVE-2019-3693 since 01/03/2019. The attack needs to be approached locally. A single authentication is necessary for exploitation. There are neither technical details nor an exploit publicly available.

Upgrading to version 15.1 eliminates this vulnerability.

Similar entries are available at 149319 and 149318.

Productinfo

Type

• Operating System

Vendor

• SuSE

Name

• Linux Enterprise Server

Version

• 11

License

• open-source

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion