160 matches found
Design/Logic Flaw
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1171
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1171
The CVE-2018-1171 entry concerns Joyent SmartOS release-20170803. An attacker who can run low-privileged code on the target can exploit a flaw in the DTrace DOF handling to write past the end of an allocated object, enabling local privilege escalation and code execution under the host OS. Root ca...
CVE-2018-1171
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
Joyent SmartOS DTrace DOF Out-Of-Bounds Write Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF file...
Joyent SmartOS SMBIOC_TREE_RELE elevation of privilege vulnerability
Joyent SmartOS is a set of open source operating system from Joyent, USA. A security vulnerability exists in the SMBIOCTREERELE ioctl in Joyent SmartOS release-20170803-20170803T064301Z, which stems from a program's failure to detect the existence of an object before performing an operation on it...
Joyent SmartOS SMB_IOC_SVCENUM IOCTL elevation of privilege vulnerability
Joyent SmartOS is a set of open source operating system from Joyent, USA. A security vulnerability exists in the SMBIOCTREERELE ioctl in Joyent SmartOS release-20170803-20170803T064301Z, which stems from the program failing to correctly detect user-submitted data, resulting in the size of copied...
CVE-2018-1166
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1165
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
Design/Logic Flaw
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
Heap overflow
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1165
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1166
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1165
CVE-2018-1165 affects Joyent SmartOS release-20170803 (and related SmartOS builds) with a heap-based buffer overflow in the SMB_IOC_SVCENUM IOCTL. The root cause is missing validation of user-supplied data length before copying to a fixed-length heap buffer, enabling a local attacker who can run ...
CVE-2018-1166
CVE-2018-1166 affects Joyent SmartOS release-20170803… and is tied to the SMBIOC_TREE_RELE ioctl. The root cause is a lack of validation of an object’s existence before performing operations on it, enabling a local attacker who can run low-privileged code to escalate privileges and execute code w...
CVE-2018-1165
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2018-1166
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
Joyent SmartOS SMB_IOC_SVCENUM Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOCSVCENUM...
Joyent SmartOS SMBIOC_TREE_RELE Use-After-Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOCTREERELE...
Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System Integer Overflow Privilege Escalation Vulnerability(CVE-2016-9031)
Summary An exploitable integer overflow exists in the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel...