448 matches found
CVE-2019-5596
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to ga...
CVE-2019-5596
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to ga...
CVE-2018-6597
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a ro...
Privilege escalation
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a ro...
CVE-2018-6597
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a ro...
Imperva SecureSphere 11.5 12.0 13.0 - Privilege Escalation
Imperva SecureSphere 11.5 12.0 13.0 - Privilege Escalation Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs ...
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation Exploit
Exploit for linux platform in category local exploits Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a...
Imperva SecureSphere 11.5 / 12.0 / 13.0 Privilege Escalation
Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a unix domain socket listener in...
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation
Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a unix domain socket listener in...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
Information disclosure
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
UBUNTU-CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
CVE-2018-12027
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...
Insecure Permissions in Phusion Passenger
"An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of...
CVE-2018-5388
An integer underflow has been discovered in strongSwan VPN's charon server, which could lead to a buffer overflow and consequent crash. A local attacker, with enough privileges to access the Unix Domain Socket /var/run/charon.ctl, could use this vulnerability to crash the charon server. Mitigatio...
Juju-run Agent Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on Juju agent systems running the juju-run agent utility. Juju agent systems running agent tools prior to version 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3, provide a UNIX domain socket to manage software "units" without setting...
Juju-run Agent - Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Juju-run Agent Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Juju agent systems running the juju-run...