1025 matches found
Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass source: https://www.securityfocus.com/bid/17742/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied...
Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass
Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass source: https://www.securityfocus.com/bid/17735/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied...
[SA19868] Linux Kernel CIFS chroot Directory Traversal Vulnerability
TITLE: Linux Kernel CIFS chroot Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19868 VERIFY ADVISORY: http://secunia.com/advisories/19868/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/ DESCRIPTIO...
Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
source: https://www.securityfocus.com/bid/17742/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied data. The problem affects chroot inside of an SMB-mounted...
Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass
source: https://www.securityfocus.com/bid/17735/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied data. The problem affects chroot inside of an SMB-mounted...
Directory traversal
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863...
CVE-2006-1864
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863...
CVE-2006-1864
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863...
CVE-2006-1864
CVE-2006-1864: Directory traversal in smbfs (Linux kernel 2.6.16 and earlier) lets a local user escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. Severity: CVSS v2 base 4.6 (Medium); vectors indicate LOCAL access with low complexity and partial confidentiality/integrit...
Directory traversal
Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864...
CVE-2006-1863
CVE-2006-1863 is a directory traversal vulnerability in CIFS on Linux 2.6.16 and earlier that allows a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. The issue is mitigated by applying a kernel update (e.g., as per ChangeLog-2.6.16.11). Mode: C (detail...
PT-2006-2847 · Linux · Linux
Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.17 Description: A directory traversal issue in the CIFS implementation allows local users to bypass chroot restrictions on an SMB-mounted filesystem by utilizing ".." sequences. Recommendations: For Linux versions...
CVE-2005-4347
CVE-2005-4347 affects Linux 2.4 kernel patch kernel-patch-vserver (and 2.x) for Debian; the chroot barrier is not set correctly in util-vserver, potentially permitting unauthorised escapes from a vserver to the host. OpenVAS/Debian DSAs describe that this vulnerability is limited to the 2.4 patch...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...
Ubuntu 4.10 : postfix vulnerability (USN-74-1)
Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/ifinet6 is not available which is the case in Ubuntu since Postfix runs in a chroot. If 'permitmxbackup' was enabled in the 'smtpdrecipientrestrictions', Postfix turned into an open relay, i. e...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...
rssh restricted shell protection bypass
With rsshchroothelper it's possible to chroot behind restricted directory...
rssh: root privilege escalation flaw
Affected Software: rssh - all versions prior to 2.3.0 Vulnerability: local user privilege escalation Severity: CRITICAL Impact: local users can gain root access Solution: Please upgrade to v2.3.1 Summary ------- rssh is a restricted shell which allows a system administrator to limit users' access...
GLSA-200512-17 : scponly: Multiple privilege escalation issues
The remote host is affected by the vulnerability described in GLSA-200512-17 scponly: Multiple privilege escalation issues Max Vozeler discovered that the scponlyc command allows users to chroot into arbitrary directories. Furthermore, Pekka Pessi reported that scponly insufficiently validates...
scponly: Multiple privilege escalation issues
Background scponly is a restricted shell, allowing only a few predefined commands. It is often used as a complement to OpenSSH to provide access to remote users without providing any remote execution privileges. Description Max Vozeler discovered that the scponlyc command allows users to chroot...