Lucene search
+L

227 matches found

Cvelist
Cvelist
added 2017/01/05 12:0 a.m.72 views

CVE-2016-10010

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...

6.3AI score0.0424EPSS
Exploits2References13
AlpineLinux
AlpineLinux
added 2017/01/05 12:0 a.m.58 views

CVE-2016-10012

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

7.8CVSS6.5AI score0.01281EPSS
Exploits1
Packet Storm
Packet Storm
added 2017/01/04 12:0 a.m.58 views

TinyPDF Installer DLL Hijacking / Unsafe Temp Directory

Hi @ll, the executable installer "InstallTinyPDF.exe", available from , is surprise.- vulnerable: 1. DLL hijacking this is well-known and well-documented; see , , , and "InstallTinyPDF.exe" loads and executes UXTheme.dll and/or DWMAPI.dll from its "application directory" instead Windows' "system...

0.7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2017/01/04 12:0 a.m.76 views

CVE-2016-10012

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

7.8CVSS6.9AI score0.01281EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2017/01/04 12:0 a.m.55 views

CVE-2016-10010

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...

7CVSS7.1AI score0.0424EPSS
Exploits2References4
OSV
OSV
added 2017/01/04 12:0 a.m.4 views

UBUNTU-CVE-2016-10011

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process...

6.2CVSS6.9AI score0.01101EPSS
Exploits1References5
OSV
OSV
added 2017/01/04 12:0 a.m.3 views

UBUNTU-CVE-2016-10010

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...

7CVSS7.1AI score0.0424EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2016/12/27 12:0 a.m.57 views

FreeBSD : openssh -- multiple vulnerabilities (2aedd15f-ca8b-11e6-a9a5-b499baebfeaf)

The OpenSSH project reports : - ssh-agent1: Will now refuse to load PKCS11 modules from paths outside a trusted whitelist run-time configurable. Requests to load modules could be passed via agent forwarding and an attacker could attempt to load a hostile PKCS11 module across the forwarded agent...

7.5CVSS7AI score0.37431EPSS
Exploits6References4
FreeBSD
FreeBSD
added 2016/12/25 12:0 a.m.87 views

openssh -- multiple vulnerabilities

The OpenSSH project reports: ssh-agent1: Will now refuse to load PKCS11 modules from paths outside a trusted whitelist run-time configurable. Requests to load modules could be passed via agent forwarding and an attacker could attempt to load a hostile PKCS11 module across the forwarded agent...

7.5CVSS1.9AI score0.37431EPSS
Exploits6References1
Slackware Linux
Slackware Linux
added 2016/12/24 1:35 a.m.73 views

[slackware-security] openssh

New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssh-7.4p1-i586-1slack14.2.txz: Upgraded. This is primarily a bugfix release, and also addresses...

7.8CVSS7.1AI score0.37431EPSS
Exploits8
0day.today
0day.today
added 2016/12/23 12:0 a.m.1740 views

OpenSSH 7.4 - UsePrivilegeSeparation Disabled Forwarded Unix Domain Sockets Privilege Escalation Exp

Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1010 This issue affects OpenSSH if privilege separation is disabled config option UsePrivilegeSeparation=no. While privilege separation is enabled by default, it is documented a...

6.9CVSS0.4AI score0.0424EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2016/12/20 8:47 a.m.56 views

CVE-2016-10012

It was found that the boundary checks in the code implementing support for pre-authentication compression could have been optimized out by certain compilers. An attacker able to compromise the privilege-separated process could possibly use this flaw for further attacks against the privileged...

7.8CVSS4.4AI score0.01281EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2016/06/09 12:0 a.m.57 views

Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20160510)

Security Fixes : - It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested...

9.8CVSS6.8AI score0.13736EPSS
Exploits0References5
Cent OS
Cent OS
added 2016/05/16 10:19 a.m.431 views

openssh, pam_ssh_agent_auth security update

CentOS Errata and Security Advisory CESA-2016:0741 An update for openssh is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7AI score0.13736EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.64 views

RHEL 6 : openssh (RHSA-2016:0741)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0741 advisory. - openssh: XSECURITY restrictions bypass under certain conditions in ssh1 CVE-2015-5352 - openssh: Privilege separation weakness related to...

9.8CVSS6.6AI score0.13736EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2016/05/10 6:29 p.m.7 views

openssh: Privilege separation weakness related to PAM support

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users...

6.4CVSS7.1AI score0.00378EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2016/03/04 12:0 a.m.95 views

WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation

WAGO IO PLC 758-870, 750-849, 750-849 vulnerabilities Background According to WAGO’s Web site, WAGO is an international company based in Germany. They operate production facilities in Germany, Switzerland, Poland, China, and India. WAGO maintains offices worldwide. According to WAGO, its products...

0.6AI score0.03515EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2015/12/15 12:0 a.m.65 views

Amazon Linux AMI : openssh (ALAS-2015-625)

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users. It w...

8.5CVSS6.5AI score0.09302EPSS
Exploits1References4
Amazon
Amazon
added 2015/12/14 12:0 a.m.69 views

Medium: openssh

Issue Overview: A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as...

8.5CVSS8.3AI score0.09302EPSS
Exploits1
NVD
NVD
added 2015/12/11 11:59 a.m.16 views

CVE-2015-7046

The Sandbox feature in xnu in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not properly implement privilege separation, which allows attackers to bypass the ASLR protection mechanism via a crafted app with root privileges...

2.6CVSS8.1AI score0.01897EPSS
Exploits0References10
Rows per page
Query Builder