51 matches found
EUVD-2017-9323
Malware in sbrugna...
EUVD-2017-7825
Malware in sbrugna...
EUVD-2018-13783
Malware in sbrugna...
EUVD-2021-29314
Malicious code in bioql PyPI...
Init OpenRC Persistence
This module will create a service on the box via OpenRC, and mark it for auto-restart. We need enough access to write service files and potentially restart services. Verified against alpine 3.21.2 Module Options msf use exploit/linux/persistence/initopenrc msf exploitinitopenrc show targets...
📄 Init OpenRC Persistence
This Metasploit module will create a service on the box via OpenRC, and mark it for auto-restart. We need enough access to write service files and potentially restart services. Verified against alpine 3.21.2. This module requires Metasploit: https://metasploit.com/download Current source:...
Linux Distros Unpatched Vulnerability : CVE-2017-18188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a...
CVE-2018-21269
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink...
Linux Distros Unpatched Vulnerability : CVE-2018-21269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink...
OpenSSH: Remote Code Execution
Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Description A vulnerability has been discovered in OpenSSH. Please review the CVE identifier referenced...
ALPINE-CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
Memory corruption
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
checkpath in OpenRC before 0.44.7 uses the direct output of strlen to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced ...
CVE-2021-42341
CVE-2021-42341 concerns OpenRC: in versions prior to 0.44.7, checkpath allocates strings based on strlen() output without reserving space for the terminating ‘\0’, causing memory corruption. The vulnerability was introduced in commit 63db2d99e730547339d1bdd28e8437999c380cae as part of OpenRC 0.44...
OpenRC 安全漏洞
OpenRC is an initialization system from the Openrc team based on providing an init program. A security vulnerability exists in OpenRC versions prior to 0.44.7, which stems from a memory corruption in the software where checkpath uses the direct output of the strlen function to allocate strings,...