8 matches found
SUSE CVE-2020-16127
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...
Advisory ROSA-SA-2021-1804
Software: accountservice 0.6.50 OS: Cobalt 7.9 CVE-ID: CVE-2020-16126 CVE-Crit: LOW CVE-DESC: Ubuntu-specific modification of AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, incorrectly removed ruid, allowing untrusted users to send signals to AccountsService,...
Exploit for Improper Privilege Management in Freedesktop Accountsservice
Ubuntu-Gnome-privilege-escalation A bash script exploit of CV...
CVE-2020-16127
creationtimestamp| type| source ---|---|--- 2020-11-11 07:28:26+00:00| seen| https://t.me/cibsecurity/16141...
CVE-2020-16127 accountsservice .pam_environment infinite loop
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...
CVE-2020-16127
CVE-2020-16127 is described as an Ubuntu-specific modification to AccountsService prior to version 0.6.55-0ubuntu13.2 that would perform unbounded reads of user-controlled ~/.pam_environment files, enabling an infinite loop if /dev/zero is symlinked to that location. The impact cited is a local i...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : AccountsService vulnerabilities (USN-4616-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4616-1 advisory. Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cau...
USN-4616-1: AccountsService vulnerabilities
Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. CVE-2020-16126 Kevin Backhouse discovered that AccountsService incorrectly handled reading...