35 matches found
MiracleLinux 4 : selinux-policy-3.7.19-54.AXS4.5, policycoreutils-2.0.83-19.8.AXS4 (AXSA:2011-152:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-152:01 advisory. Security-enhanced Linux is a feature of the Linux kernel and a number of utilities with enhanced security functionality designed to add mandatory access...
EUVD-2014-3232
Malware in sbrugna...
EUVD-2011-1028
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-3215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid syste...
RHEL 6 : libcap-ng (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - policycoreutils: local privilege escalation via seunshare CVE-2014-3215 Note that Nessus has not tested for this...
K16596: Privilege escalation vulnerability CVE-2014-3215
Security Advisory Description seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges ...
SUSE CVE-2011-1011
The seunsharemount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux RHEL 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to...
Advisory ROSA-SA-2021-1952
Software: policycoreutils 2.5 OS: Cobalt 7.9 CVE-ID: CVE-2014-3215 CVE-Crit: CRITICAL CVE-DESC: seunshare in policycoreutils 2.2.5 belongs to the root user with permissions 4755 and executes programs in a way that changes the relationship between the setuid system call and the stored set-user-ID...
SUSE: Security Advisory (SUSE-SU-2017:0375-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
policycoreutils is vulnerable to arbitrary code execution. The vulnerability exists as it was discovered that the seunshare utility did not enforce proper file permissions on the directory used as an alternate temporary directory mounted as /tmp/. A local user could use this flaw to overwrite fil...
policycoreutils: local privilege escalation via seunshare
A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capnglock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others, also sets the...
Gentoo Security Advisory GLSA 201412-44
Gentoo Linux Local Security Checks GLSA 201412-44 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Medium: kernel
Issue Overview: A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capnglock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others...
Medium: libcap-ng
Issue Overview: A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capnglock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others...
policycoreutils: local privilege escalation via seunshare
A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capnglock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others, also sets the...
policycoreutils: Privilege escalation
Background policycoreutils is a collection of SELinux policy utilities. Description The seunshare utility is owned by root with 4755 permissions which can be exploited by a setuid system call. Impact A local attacker may be able to gain escalated privileges. Workaround There is no known workaroun...
Red Hat Linux stickiness of /tmp
No description provided by source. from: http://marc.info/?l=full-disclosure&m=129842239022495&w=2 Developers should not rely on the stickiness of /tmp on Red Hat Linux --------------------------------------------------------------------- Recent versions of Red Hat Enterprise Linux and Fedora...
[oss-security] Re: local privilege escalation due to capng_lock as used in seunshare
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We think there should be a CVE ID for the combination of these two observations: 1. seunshare is intended to be setuid root see the http://userspace.selinuxproject.org/trac/browser/policycoreutils/sandbox/Makefile file 2. dropping privileges no longer...
CVE-2014-3215
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that...
Code injection
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that...