46 matches found

RedHat Linux
added 2016/05/10 6:35 p.m., 4 views

ntp: config command can be used to set the pidfile and drift file paths

It was found that NTP's :config command could be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process immediately or the current estimated drift of the...

CVSS 7.5, AI score 7.1, EPSS 0.03823
Exploits 0, References 4
Tenable Nessus
added 2015/11/20 12:0 a.m., 119 views

RHEL 7 : chrony (RHSA-2015:2241)

Updated chrony packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

CVSS 6.5, AI score 7.5, EPSS 0.03439
Exploits 0, References 7
UbuntuCve
added 2015/10/22 12:0 a.m., 28 views

CVE-2015-5300

The panicgate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds...

CVSS 7.5, AI score 7.2, EPSS 0.0913
Exploits 0, References 3
NVD
added 2014/02/27 1:55 a.m., 19 views

CVE-2014-1265

The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock...

CVSS 4.6, AI score 6.8, EPSS 0.00342
Exploits 2, References 1
Prion
added 2014/02/27 1:55 a.m., 20 views

Security feature bypass

The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock...

CVSS 4.6, AI score 6.2, EPSS 0.00342
Exploits 2, References 1, Affected Software 2
Cvelist
added 2014/02/27 1:0 a.m., 20 views

CVE-2014-1265

The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock...

AI score 6.8, EPSS 0.00342
Exploits 2, References 1
Tenable Nessus
added 2014/02/12 12:0 a.m., 17 views

Certificate Revocation List Expiry

The X.509 Certificate Revocation List (CRL) has not been updated, and is currently past its self-reported expiry date. This indicates that the CRL may be misconfigured. TRUSTED...

AI score 5.3
Exploits 0, References 1
Tenable Nessus
added 2013/12/14 12:0 a.m., 31 views

Amazon Linux AMI : sudo (ALAS-2013-259)

A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...

CVSS 6.9, AI score 7.9, EPSS 0.03202
Exploits 8, References 4
Cent OS
added 2013/11/26 1:33 p.m., 108 views

sudo security update

CentOS Errata and Security Advisory CESA-2013:1701 An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common...

CVSS 6.9, AI score 7.6, EPSS 0.03202
Exploits 8, References 7
Tenable Nessus
added 2013/10/11 12:0 a.m., 48 views

Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20130930)

A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...

CVSS 6.9, AI score 7.8, EPSS 0.03202
Exploits 8, References 4
Cent OS
added 2013/10/07 1:1 p.m., 60 views

sudo security update

CentOS Errata and Security Advisory CESA-2013:1353 An updated sudo package that fixes multiple security issues and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring...

CVSS 6.9, AI score 7.4, EPSS 0.03202
Exploits 8, References 7
RedHat Linux
added 2013/09/30 8:30 p.m., 58 views

Low: Red Hat Security Advisory: sudo security and bug fix update

An updated sudo package that fixes multiple security issues and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 6.9, AI score 7.4, EPSS 0.03202
Exploits 8, References 6
0day.today
added 2013/08/27 12:0 a.m., 87 views

Mac OS X Sudo Password Bypass Vulnerability

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges the user is in the sudoers file and is...

CVSS 6.9, AI score 7.9, EPSS 0.03202
Exploits 8
Metasploit
added 2013/08/26 7:52 p.m., 44 views

Mac OS X Sudo Password Bypass

This module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges the user is in the sudoers file and is in the...

CVSS 6.9, AI score 6.5, EPSS 0.03202
Exploits 8
Tenable Nessus
added 2013/04/20 12:0 a.m., 34 views

Mandriva Linux Security Advisory : sudo (MDVSA-2013:054)

Multiple vulnerabilities have been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated...

CVSS 7.2, AI score 8, EPSS 0.03202
Exploits 8, References 6
Debian CVE
added 2013/03/04 9:0 p.m., 35 views

CVE-2013-1775

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch...

CVSS 6.9, AI score 4.9, EPSS 0.03202
Exploits 8
UbuntuCve
added 2013/02/27 12:0 a.m., 33 views

CVE-2013-1775

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch...

CVSS 6.9, AI score 7.2, EPSS 0.03202
Exploits 8, References 3
Tenable Nessus
added 2009/12/02 12:0 a.m., 42 views

SSL Certificate Expiry - Future Validity

The SSL certificate for the remote SSL-enabled service is not yet valid. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(42980); script_version("$Revision: 1.8 $"); script_cvs_date("$Date: 2012/04/02 16:34:10 $"); script_name(english:"SSL Certificate Expiry - Future Validity");...

AI score 5.5
Exploits 0
Tenable Nessus
added 2008/05/09 12:0 a.m., 49 views

RHEL 4 : kernel (RHSA-2008:0237)

Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

CVSS 7.2, AI score 6.3, EPSS 0.02452
Exploits 5, References 13
myhack58
added 2006/06/26 12:0 a.m., 11 views

Then talk about the CMOS password-vulnerability warning-the black bar safety net

As far as CMOS is concerned, I believe we are already no longer unfamiliar with it. But as for the CMOS password, I think not many people really understand it, so we did some experiments to study it a bit. A lot of people have discussed it before, but I think there's still talk of the...

AI score 7.1
Exploits 0