ASA-2019-00581 – Palo Alto Networks GlobalProtect Agent: Non-root users are able to overwrite root files on the file system

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.

ASA-2019-00391 – Kubernetes: Incomplete fixes for CVE-2019-1002101, kubectl cp potential directory traversal

Another security issue was discovered with the Kubernetes kubectl cp command that could enable a directory traversal such that a malicious container could replace or create files on a user’s workstation. The vulnerability is a client-side defect and requires user interaction to be exploited. The issue is High severity and upgrading kubectl to Kubernetes 1.12.9, 1.13.6, and 1.14.2 or later is encouraged to fix this issue.

ASA-2019-00230 – Samba: World writable files in Samba AD DC private/ dir

During the creation of a new Samba AD DC, files are created in a the private/ subdirectory of our install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory files are created with mode 0666, that is world-writable, including a sample krb5.conf and the list of DNS names and servicePrincipalName values to update.