50 matches found
Race condition
Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
CVE-2015-3339
Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
VMware Patches Root Privilege-Escalation Flaw
VMware has fixed a privilege-escalation flaw in two of its major products that could allow a local attacker to gain root privileges on a vulnerable machine. The bug affects VMware Workstation and Player on certain Linux platforms. The vulnerability, which VMware patched on Thursday, does not enab...
CentOS Update for samba CESA-2009:1529 centos4 i386
Check for the Version of samba OpenVAS Vulnerability Test CentOS Update for samba CESA-2009:1529 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
SuSE 10 Security Update : opie (ZYPP Patch Number 7595)
This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...
SuSE 11.1 Security Update : opie (SAT Patch Number 4815)
This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...
List Files with setuid-bit in / and /home, Check /tmp for sticky-bit
This plugin uses ssh to List Files with setuid-bit in / and /home, Check /tmp for sticky-bit. OpenVAS Vulnerability Test $Id: GSHBSSHsetuid.nasl 7076 2017-09-07 11:53:47Z teissa $ List Files with setuid-bit in / and /home, Check /tmp for sticky-bit Authors: Thomas Rotter Copyright: Copyright c 20...
List Files with setuid-bit in / and /home, Check /tmp for sticky-bit
This plugin uses SSH to list files with setuid-bit in / and /home, check /tmp for sticky-bit. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Moderate: Red Hat Security Advisory: samba3x security and bug fix update
Updated samba3x packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Samba is a suite of programs used by machines to share...
samba security update
CentOS Errata and Security Advisory CESA-2009:1529 Updated samba packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Samba is a suite of programs use...
Linux Kernel O_EXCL NFSv4本地权限提升漏洞
BUGTRAQ ID: 36472 CVE ID: CVE-2009-3286 Linux Kernel是开放源码操作系统Linux所使用的内核。 当OEXCL创建文件失败时,Linux Kernel的NFSv4没有正确地清除inode。这导致以不安全的设置(如setuid位)创建文件,本地用户可以通过执行doopenpermission函数获得权限提升。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://git.kernel.org/linus/af85852d...
xscreensaver 5.01 - Arbitrary File Disclosure Symlink
xscreensaver 5.01 - Arbitrary File Disclosure Symlink xscreensaver local arbitrary file disclosure | symlink attack The �xscreensaver� program distributed normally with Xorg can be abused to disclose local files owned by other users also of the root account. Xscreensaver has the setuid bit on...
xscreensaver 5.01 - Arbitrary File Disclosure Symlink
xscreensaver local arbitrary file disclosure | symlink attack The �xscreensaver� program distributed normally with Xorg can be abused to disclose local files owned by other users also of the root account. Xscreensaver has the setuid bit on by default Example: Opensolaris The xscreensaver...
xscreensaver Symlink Attack
xscreensaver local arbitrary file disclosure | symlink attack The ´xscreensaver´ program distributed normally with Xorg can be abused to disclose local files owned by other users also of the root account. Xscreensaver has the setuid bit on by default Example: Opensolaris The xscreensaver program...
CVE-2008-2324
The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs...
OPIE -- arbitrary password change
Problem Description The opiepasswd1 program uses getlogin2 to identify the user calling opiepasswd1. In some circumstances getlogin2 will return "root" even when running as an unprivileged user. This causes opiepasswd1 to allow an unpriviled user to configure OPIE authentication for the root user...
atari800 - Local Privilege Escalation
atari800 - Local Privilege Escalation / Exploit for atari800 by pi3 pi3ki31ny pi3@pi3:$ ./p ...::: -= exploit for Atari800 by pi3 pi3ki31ny =- :::... Ussage: + ./p options -? -v choose a bug: 1 - first bug in all versions Atari800 2 - second bug in older Atari800 - modiy argv0 3 - third bug in...
Debian DSA-086-1 : ssh-nonfree - remote root exploit
We have received reports that the 'SSH CRC-32 compensation attack detector vulnerability' is being actively exploited. This is the same integer type error previously corrected for OpenSSH in DSA-027-1. OpenSSH the Debian ssh package was fixed at that time, but ssh-nonfree and ssh-socks were not...
GLSA-200404-21 : Multiple Vulnerabilities in Samba
The remote host is affected by the vulnerability described in GLSA-200404-21 Multiple Vulnerabilities in Samba Two vulnerabilities have been discovered in Samba. The first vulnerability allows a local user who has access to the smbmount command to gain root. An attacker could place a setuid-root...
SUSE-SA:2003:0014: lprold
The remote host is missing the patch for the advisory SUSE-SA:2003:0014 lprold. The lprm command of the printing package lprold shipped till SUSE 7.3 contains a buffer overflow. This buffer overflow can be exploited by a local user, if the printer system is set up correctly, to gain root...