454 matches found
Git: Security bypass
Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands. Impact A remote attacker...
CERIO DT-100G-N/DT-300N/CW-300N - Multiple Vulnerabilities
CERIO 11nbg 2.4Ghz High Power Wireless Router pekcmd Rootshell Backdoors Vendor: CERIO Corporation Product web page: http://www.cerio.com.tw Affected version: DT-100G-N fw: Cen-WR-G2H5 v1.0.6 DT-300N fw: Cen-CPE-N2H10A v1.0.14 DT-300N fw: Cen-CPE-N2H10A v1.1.6 CW-300N fw: Cen-CPE-N2H10A v1.0.22...
SUSE SLES11 Security Update : bash (SUSE-SU-2017:1337-1)
This update for bash fixed several issues This security issue was fixed : - CVE-2016-9401: popd in bash might allowed local users to bypass the restricted shell and cause a use-after-free via a crafted address bsc1010845. The update package also includes non-security fixes. See advisory for...
USN-3287-1 git vulnerability
Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands. A remote attacker could possibly use this issue to run an interactive pager and access sensitive information...
USN-3287-1: Git vulnerability
Timo Schmid discovered that the Git restricted shell incorrectly filtered allowed commands. A remote attacker could possibly use this issue to run an interactive pager and access sensitive information...
Git Shell Bypass By Abusing Less (CVE-2017-8386)
The git-shell is a restricted shell maintained by the git developers and is meant to be used as the upstream peer in a git remote session over a ssh tunnel. The basic idea behind this shell is to restrict the allowed commands in a ssh session to the ones required by git which are as follows:...
[SECURITY] [DSA 3848-1] git security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3848-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 10, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3848-1] git security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3848-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 10, 2017 https://www.debian.org/security/faq -...
CVE-2017-7722
In SolarWinds Log & Event Manager LEM before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" the default username and password. By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the...
CVE-2017-7722
In SolarWinds Log & Event Manager LEM before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" the default username and password. By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the...
CVE-2017-7722
CVE-2017-7722 affects SolarWinds Log & Event Manager (LEM) versions before 6.3.1 Hotfix 4. The vulnerability resides in the restrictssh portion of the menuing script used when SSH is accessed with the default credentials (username: cmc, password). Exploitation can escape the restricted shell via ...
SolarWind LEM Default SSH Password Remote Code Execution Exploit
This module exploits the default credentials of SolarWind LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is "cmc" and "password". By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricted...
SolarWinds LEM Default SSH Password Remote Code Execution
This module exploits the default credentials of SolarWinds LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is "cmc" and "password". By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricte...
SolarWinds LEM 6.3.1 - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "SolarWind LEM Default SSH Password Remote Code Execution", 'Description' = %q This module exploits the default credentials of SolarWind LEM. A men...
CVE-2016-9401
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address...
ALPINE-CVE-2016-9401
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address...
CVE-2016-9401
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address...
DEBIAN-CVE-2016-9401
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address...
Authentication flaw
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address...
CVE-2016-9401
CVE-2016-9401 relates to the Bash shell. The vulnerability is in the popd builtin, which may segfault/use‑after‑free a process when called with crafted/negative offsets, potentially enabling local disruption or bypassing restricted shells. The issue is fixed in multiple downstream advisories; rem...