CentOS Update for samba CESA-2009:1529 centos4 i386

Check for the Version of samba OpenVAS Vulnerability Test CentOS Update for samba CESA-2009:1529 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for popt CESA-2010:0679 centos5 i386

Check for the Version of popt OpenVAS Vulnerability Test CentOS Update for popt CESA-2010:0679 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

SuSE 11.1 Security Update : opie (SAT Patch Number 4815)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

SuSE 10 Security Update : opie (ZYPP Patch Number 7595)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

SuSE 11.1 Security Update : opie (SAT Patch Number 4815)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

CVE-2011-2490

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes...

Design/Logic Flaw

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes...

CVE-2011-2490

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes...

CVE-2011-1946

gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of thes...

CVE-2011-1946

gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of thes...

SuSE 11.1 Security Update : libgnomesu (SAT Patch Number 4805)

The libgnomesu pam backend did not check the return value of the setuid functions. Local users could exploit that to gain root privileges. CVE-2011-1946 Note: this is just a re-release of the previous update to fix a regression unrelated to the security issue. %NASLMINLEVEL 70300 C Tenable Networ...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7568)

This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs. The following security issues were fixed : - Multiple integer overflows in the nextpidmap function in kernel/pid.c in the Linux kernel allowed local users to cause a denial of service system cra...

SuSE 10 Security Update : glibc (ZYPP Patch Number 7575)

The following bugs have been fixed : - Specially crafted input to the fnmatch function could cause an integer overflow. CVE-2011-1071 - The output of the 'locale' command was not properly quoted. CVE-2011-1095 - Don't search the current directory if $ORIGIN is in RPATH of libraries called by setu...

DEBIAN-CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

FreeBSD/x86 encrypted setuid(0) execve /bin/sh 51 bytes

/ Title : 51 bytes FreeBSD/x86 encrypted setuid0 execve /bin/sh Date : Sun May 29 08:07:11 UTC 2011 Author; mywisdom email protected Web : devilzc0de.org Gopher: gopher://sdf.org/1/users/wisdomc0 Blog : http://myw1sd0m.blogspot.com/ Tested on: FreeBSD 8.2-RELEASE i386 special thanks to...

Nagios XI 'reset_configs-perms.c'本地特权提升漏洞

Bugtraq ID: 47827 Nagios是一个监视系统运行状态和网络信息的监视系统。 Nagios 'resetconfigs-perms.c'没有正确验证'setuid'函数的调用的返回值，本地攻击者可以利用漏洞获得root特权。 0 Nagios XI 厂商解决方案 目前没有详细解决方案提供： http://www.nagios.org/ rootbsd laptop:$ id uid=1001rootbsd gid=1001rootbsd groupes=1001rootbsd rootbsd laptop:$ ls -l...

CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

Design/Logic Flaw

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

CVE-2011-0536

Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library aka glibc or libc6, including glibc-2.5-49.el55.6 and glibc-2.12-1.7.el60.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object DSO...