10 matches found
Exploit for Incorrect Authorization in Canonical Snapd
dirtysock Local Privilege Escalation via snapd CVE-2019-7304...
Exploit for Incorrect Authorization in Canonical Snapd
snapprivesc Another implementation for linux privilege escal...
Immunity Canvas: SNAPD_UID_OVERWRITE
Name| snapduidoverwrite ---|--- CVE| CVE-2019-7304 Exploit Pack| CANVAS Description| snapduidoverwrite Notes| CVE Name: CVE-2019-7304 VENDOR: snapd team NOTES: The snapd service runs as an REST API using a Unix Domain Socket, is possible to send request when the uid is 0 root, the vulnerability i...
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1...
CVE-2019-7304 Local privilege escalation via snapd socket
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1...
CVE-2019-7304
CVE-2019-7304 affects Canonical snapd pre-2.37.1, where socket owner validation on the REST API Unix socket was insufficient, enabling local privilege escalation to root via snapd operations. The vulnerability is documented across multiple feeds (NVD, OSV, CVE listing) with CVSS v3.1 base score 9...
USN-3887-1: snapd vulnerability | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its...
Snapd Flaw Lets Attackers Gain Root Access On Linux Systems
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "DirtySock" and identified as CVE-2019-7304, the vulnerability wa...
CVE-2019-7304
creationtimestamp| type| source ---|---|--- 2019-02-13 10:39:19+00:00| exploited| https://t.me/DC8044Info/76 2019-02-13 10:54:06+00:00| published-proof-of-concept| https://t.me/SecLabNews/4249 2019-02-13 15:49:51+00:00| published-proof-of-concept| https://t.me/cyberyozhofficial/319 2023-12-03...
Ubuntu: Security Advisory (USN-3887-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...