Lucene search
K

177 matches found

RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.5 views

Kernel: fs: umount denial of service

The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that change the root filesystem to read-only, which allows local users to cause a denial of service loss of writability by making certain unshare system calls...

5.5CVSS6.6AI score0.00461EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2016/08/03 12:0 a.m.5 views

PT-2020-10295 · Open Container Initiative +7 · Runc +7

Name of the Vulnerable Software and Affected Versions: runc versions through 1.0.0-rc9 runc version 1.0.0-rc10 is not affected, as it contains the fix for this issue. Description: The issue is related to incorrect access control, leading to escalation of privileges. An attacker must be able to...

9.8CVSS6.6AI score0.9857EPSS
Exploits55References276
Debian CVE
Debian CVE
added 2014/10/13 10:0 a.m.32 views

CVE-2014-7975

The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that change the root filesystem to read-only, which allows local users to cause a denial of service loss of writability by making certain unshare system calls...

5.5CVSS6AI score0.00461EPSS
Exploits0
OSV
OSV
added 2014/10/13 12:0 a.m.7 views

UBUNTU-CVE-2014-7975

The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that change the root filesystem to read-only, which allows local users to cause a denial of service loss of writability by making certain unshare system calls...

5.5CVSS6.7AI score0.00461EPSS
Exploits0References10
Fedora
Fedora
added 2013/02/10 4:37 a.m.28 views

[SECURITY] Fedora 17 Update: android-tools-20130123git98d0789-1.fc17

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

3.3CVSS0.9AI score0.00316EPSS
Exploits0
Fedora
Fedora
added 2013/02/10 4:36 a.m.39 views

[SECURITY] Fedora 16 Update: android-tools-20130123git98d0789-1.fc16

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

3.3CVSS0.9AI score0.00316EPSS
Exploits0
Fedora
Fedora
added 2012/12/04 4:53 a.m.13 views

[SECURITY] Fedora 17 Update: android-tools-20121120git3ddc005-1.fc17

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

0.9AI score
Exploits0
Metasploit
Metasploit
added 2010/02/05 6:38 a.m.51 views

Samba Symlink Directory Traversal

This module exploits a directory traversal flaw in the Samba CIFS server. To exploit this flaw, a writeable share must be specified. The newly created directory will link to the root filesystem. This module requires Metasploit: https://metasploit.com/download Current source:...

3.5CVSS7.4AI score0.3053EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.26 views

openSUSE Security Update : cifs-mount (cifs-mount-406)

This update fixes a bug that allowed the client to retrieve arbitrary memory content from the server process. CVE-2008-4314 Additionally another bug was fixed that affects environments that enabled registry shares by setting 'registry shares = yes'. In this case an authenticated user is...

8.5CVSS8.1AI score0.04331EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.31 views

Ubuntu 8.10 : samba vulnerability (USN-702-1)

Gunter Hockel discovered that Samba with registry shares enabled did not properly validate share names. An authenticated user could gain access to the root filesystem by using an older version of smbclient and specifying an empty string as a share name. This is only an issue if registry shares ar...

6.3CVSS8.1AI score0.03534EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.31 views

Mandriva Linux Security Advisory : samba (MDVSA-2009:042)

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name CVE-2009-0022. This update provides samba 3.2.7 to address this issue. %NASLMINLEVEL 70300 C Tenable...

6.3CVSS8AI score0.03534EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/01/07 12:0 a.m.51 views

Ubuntu USN-702-1 (samba)

The remote host is missing an update to samba announced via advisory USN-702-1. OpenVAS Vulnerability Test $Id: ubuntu7021.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7021.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-702-1 samba Authors: Thomas Reinke...

9.3CVSS0.2AI score0.0747EPSS
Exploits2References1
OSV
OSV
added 2009/01/05 8:30 p.m.1 views

DEBIAN-CVE-2009-0022

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name...

6.3CVSS8.8AI score0.03534EPSS
Exploits1References1
OSV
OSV
added 2009/01/05 8:30 p.m.4 views

CVE-2009-0022

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name...

6.3CVSS6AI score0.03534EPSS
Exploits1References13
Cvelist
Cvelist
added 2009/01/05 8:0 p.m.26 views

CVE-2009-0022

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name...

5.9AI score0.03534EPSS
Exploits1References13
Debian CVE
Debian CVE
added 2009/01/05 8:0 p.m.26 views

CVE-2009-0022

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name...

6.3CVSS5.7AI score0.03534EPSS
Exploits1
CERT
CERT
added 2002/09/24 12:0 a.m.13 views

Cherokee Web Server does not adequately validate user input thereby allowing directory traversal

Overview Cherokee contains a directory traversal vulnerability caused by failure to filter '../' character sequences. Description Cherokee is a compact, open-source web server. Cherokee does not filter '../' sequences from HTTP requests. As a result, it is possible for a remote attacker to reques...

6.9AI score
Exploits0References2
Rows per page
Query Builder