Lucene search
K

31 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.5 views

SUSE CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

5.5CVSS7.2AI score0.00303EPSS
Exploits1References3
Prion
Prion
added 2021/05/27 1:15 p.m.21 views

Command injection

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

2.1CVSS7.4AI score0.00303EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/12/18 12:0 a.m.17 views

PT-2020-15252 · Uftpd · Uftpd

Name of the Vulnerable Software and Affected Versions: uftpd FTP server versions 2.7 to 2.10 Description: The issue arises from improper implementation of a chroot jail in the compose abspath function in common.c, leading to multiple unauthenticated directory traversal vulnerabilities in differen...

9.8CVSS9.9AI score0.25249EPSS
Exploits4References9
OSV
OSV
added 2017/02/07 3:59 p.m.8 views

CVE-2016-2781

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...

6.5CVSS6.3AI score
Exploits0References3
Prion
Prion
added 2014/12/16 6:59 p.m.18 views

Code injection

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted 1 image or 2 build in a Dockerfile in an LZMA .xz archive, related to the chroot for archive extraction...

10CVSS8AI score0.06452EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2014/12/16 6:59 p.m.27 views

CVE-2014-9357

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted 1 image or 2 build in a Dockerfile in an LZMA .xz archive, related to the chroot for archive extraction...

10CVSS7.5AI score0.06452EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.28 views

openSUSE Security Update : libcap (openSUSE-SU-2011:1259-1)

capsh did not chdir'/' after calling chroot. Programs could therefore access the current directory outside of the chroot CVE-2011-4099. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

4.6CVSS5.3AI score0.00379EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2011/12/16 12:0 a.m.22 views

Mandriva Update for libcap MDVSA-2011:185 (libcap)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.6CVSS5.2AI score0.00379EPSS
Exploits0References2
Prion
Prion
added 2008/11/17 10:21 p.m.20 views

Security feature bypass

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

9.3CVSS6.3AI score0.022EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2008/11/17 10:0 p.m.79 views

CVE-2008-5110

CVE-2008-5110 affects syslog-ng up to version 2.0.x (=2.0.10 or >=2.1.3 (for the 2.0 and 2.1 lines, respectively). Additional references (GLSA 200907-10) describe the local access risk and remediation, and Fedora advisories similarly indicate updates addressing CVE-2008-5110. No explicit in-th...

9.3CVSS5.9AI score0.022EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.23 views

CVE-1999-1194

chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges...

6.6AI score0.0097EPSS
Exploits0References3
Rows per page
Query Builder