Lucene search
K

27 matches found

Prion
Prion
added 2018/12/17 7:29 p.m.28 views

Privilege escalation

A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated sudo permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions an...

9CVSS9.6AI score0.15411EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2018/12/17 6:0 p.m.32 views

CVE-2018-18556

A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated sudo permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions an...

9.7AI score0.15411EPSS
Exploits4References3
Cvelist
Cvelist
added 2018/12/17 6:0 p.m.25 views

CVE-2018-18555

A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to th...

9.6AI score0.01769EPSS
Exploits1References1
CVE
CVE
added 2018/12/17 6:0 p.m.53 views

CVE-2018-18555

CVE-2018-18555 affects VyOS 1.1.8, where the restricted management shell for operator users can be escaped by issuing shell special characters, allowing an authenticated operator to break out to the underlying Linux shell and execute arbitrary OS commands with the user’s privileges. Documents con...

9.9CVSS9.4AI score0.01769EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/12/17 6:0 p.m.96 views

CVE-2018-18556

CVE-2018-18556 affects VyOS 1.1.8. It is a privilege-escalation flaw where an operator user can run the pppd binary with elevated (sudo) permissions due to an insecure default configuration, combined with improper validation of certain input parameters. An attacker with operator privileges can le...

9.9CVSS9.6AI score0.15411EPSS
Exploits4References3Affected Software1
Positive Technologies
Positive Technologies
added 2018/12/17 12:0 a.m.6 views

PT-2018-14514 · Vyos · Vyos

Name of the Vulnerable Software and Affected Versions: VyOS version 1.1.8 Description: A privilege escalation issue was found, allowing operator users to execute the pppd binary with elevated permissions due to the default configuration. The issue is exacerbated by improper validation of certain...

9.9CVSS9.5AI score0.15411EPSS
Exploits4References5
n0where
n0where
added 2016/09/05 2:33 p.m.301 views

High Performance DoS Analyzer: FastNetMon

High Performance DoS Analyzer FastNetMon – A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines NetFlow, IPFIX, sFLOW, SnabbSwitch, netmap, PFRING, PCAP. What can we do? We can detect hosts in our networks sending or receiving large volumes of...

6.7AI score
Exploits0References21
Rows per page
Query Builder