3217 matches found
CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
CVE-2014-1845
CVE-2014-1845 affects Enlightenment Window Manager, with a setuid root helper that can privilege escalate locally due to improper sanitization of the environment. Affected versions are prior to 0.17.6. The vulnerability is local and requires no user interaction beyond an attacker having local acc...
CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
The vulnerability of the software for generating and sending error reports on the Ubuntu operating system allows a perpetrator to trigger a service failure or gain root privileges.
The vulnerability of the Apport software for generating and sending error reports on the Ubuntu operating system is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a hacker to cause service failures or gain root privileges using a kernel dump with setuid...
kernel: exec/ptrace: get_dumpable() incorrect tests
A flaw was found in the way the getdumpable function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suiddumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive...
Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)
Linux/x86 - chmod 4755 /bin/dash Shellcode 33 bytes. Shellcode exploit for Linuxx86 platform / Title: chmod 4755 /bin/dash Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: setuid bit on /bin/dash Tested On: Ubuntu 14.04 Arch: x86 Size: 33 bytes global start section .te...
Linux/x86 - execve(cp /bin/sh /tmp/sh; chmod +s /tmp/sh) + Null-Free Shellcode (74 bytes)
Linux/x86 - execvecp /bin/sh /tmp/sh; chmod +s /tmp/sh + Null-Free Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - cp /bin/sh /tmp/sh; chmod +s /tmp/sh Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: cp shell into /tmp and setuid Teste...
kernel: Missing permission check in move_pages system call
The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
kernel: Missing permission check in move_pages system call
The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...
DEBIAN-CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...
CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...
DEBIAN-CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
Design/Logic Flaw
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
UBUNTU-CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...