6 matches found
cPanel cross-site scripting vulnerability (CNVD-2019-30470)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in the WHM Repair Mailbox Permissions interface in versions prior to cPanel 60.0.25...
Apple Mac OS X磁盘工具特权提升漏洞
BUGTRAQ ID: 30492 CVE ID:CVE-2008-2324 CNCVE ID:CNCVE-20082324 Apple Mac OS X是一款商业性质的操作系统。 Apple Mac OS X "Repair Permissions"工具存在设计错误,本地攻击者可以利用漏洞提升特权。 在修正权限Repair Permissions工具运行后,本地用户可使用emacs以系统特权运行命令。导致获得系统权限。 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.10 Apple Mac OS X Server...
CVE-2008-2324
The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs...
CVE-2008-2324
CVE-2008-2324 affects Apple Mac OS X (Disk Utility’s Repair Permissions tool). The vulnerability arises when Repair Permissions runs and incorrectly adds the setuid bit to /usr/bin/emacs, enabling a local attacker to execute commands as root by invoking emacs. This is a local privilege-escalation...
CVE-2008-2324
The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs...
MOAB-15-01-2007.rb.txt
!/usr/bin/ruby Exploit for MOAB-15-01-2007 c 2006 LMH . Note: It's a generic exploit, you can use it over any binary writable which is set as root setuid by diskutil repair permissions. Simply change the path. Blame Apple for doing such a piece of and relying on flawed DAC. Line-noise: Jackass of...