EUVD-2012-5967

Malware in sbrugna...

SUSE CVE-2012-6097

File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab...

Denial Of Service (DoS)

The vixie-cron package is vulnerable to Denial Of Service DoS. A local user with the ability to create a hardlink to /etc/crontab can prevent vixie-cron from executing certain system cron jobs...

issetugid() + rsh + libmalloc OS X Local Root Exploit

The default root-suid binary /usr/bin/rsh on Mac OS X uses execv in an insecure manner. /usr/bin/rsh will invoke /usr/bin/rlogin if launched with only a host argument, without dropping privileges or clearing the environment. This exploit will pass "MallocLogFile" to /usr/bin/rsh, which is then...

Dhclient Bash Environment Variable Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/dhcp' class Metasploit3 'Dhclient Bash Environment Variable Injection', 'Description' = %q| When bash is started with an environment...

CVE-2012-6097

File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab...

CVE-2011-1074

crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname...