CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1025 matches found

Debian CVE•added 2004/06/30 4:0 a.m.•10 views

CVE-2004-0609

Removed by vendor...

5CVSS6.8AI score0.01409EPSS

Exploits0

securityvulns•added 2004/06/23 12:0 a.m.•31 views

Security flaw in rssh

rssh is a small shell whose purpose is to restrict users to using scp or sftp, and also provides the facilities to place users in a chroot jail. It can also be used to lock users out of a system completely. William F. McCaw identified a minor security flaw in rssh when used with chroot jails. The...

0.4AI score

Exploits0

FreeBSD•added 2004/06/19 12:0 a.m.•25 views

rssh -- file name disclosure bug

rssh expands command line paramters before invoking chroot. This could result in the disclosure to the client of file names outside of the chroot directory. A posting by the rssh author explains: The cause of the problem identified by Mr. McCaw is that rssh expanded command-line arguments prior t...

5CVSS6.3AI score0.01409EPSS

Exploits0References2

RedHat Linux•added 2004/05/19 7:3 p.m.•3 views

security flaw

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

5CVSS5.9AI score0.03404EPSS

Exploits0References4

Slackware Linux•added 2004/05/03 1:6 p.m.•35 views

rsync update

New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...

5CVSS6.3AI score0.03404EPSS

Exploits0

OSV•added 2004/05/01 12:0 a.m.•27 views

DSA-499 rsync - directory traversal

Bulletin has no description...

5CVSS6AI score0.03404EPSS

Exploits0

securityvulns•added 2004/02/09 12:0 a.m.•34 views

Linux 2.4.24 with vserver 1.24 exploit

Hi securityfocus, a small exploit from me which brakes out of a vserver, also if secured with "chmod 000 /vservers". It is a modification of the known "chroot-again" exploit. It belongs to chroots but also to the vserver project. Tested with linux 2.4.24 and vserver 1.24. The bug was posted to th...

2.1AI score

Exploits0

Packet Storm•added 2004/02/06 12:0 a.m.•38 views

vserver_chroot.txt

7.4AI score

Exploits0

exploitpack•added 2004/02/06 12:0 a.m.•14 views

Linux VServer Project 1.2x - Chroot Breakout

Linux VServer Project 1.2x - Chroot Breakout / source: https://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer...

0.1AI score

Exploits0

Exploit DB•added 2004/02/06 12:0 a.m.•22 views

Linux VServer Project 1.2x - Chroot Breakout

/ source: https://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer application failing to secure itself against a...

7.4AI score

Exploits0

NVD•added 2004/01/14 5:0 a.m.•19 views

CVE-2004-1124

Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities...

4.6CVSS6.3AI score0.00337EPSS

Exploits0References6

OSV•added 2003/12/15 5:0 a.m.•2 views

DEBIAN-CVE-2003-0962