14 matches found
EUVD-2017-6110
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-14609
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrar...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
Kannel Arbitrary Process Termination Vulnerability
Kannel is an open source WAP and SMS gateway from the Kannel team. A security vulnerability exists in Kannel 1.5.0 and earlier versions, which stems from a program that creates a PID file after downgrading an account to a non-root account. A local attacker can exploit the vulnerability to termina...
Kannel WAP/SMS Gateway Detection
Detection of Kannel WAP/SMS Gateway. The script sends a connection request to the server and attempts to detect Kannel WAP/SMS Gateway and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
Kannel Privilege Escalation Vulnerability
Kannel is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kannel:kannel"; if...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
Command injection
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
UBUNTU-CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14609
CVE-2017-14609 affects Kannel 1.5.0 and earlier. The vulnerability stems from a daemon that creates a PID file after dropping privileges to a non-root account, potentially enabling local users to terminate arbitrary processes by modifying the non-root account’s PID file before a root script runs ...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...