Lucene search
+L

695 matches found

Prion
Prion
added 2023/04/13 11:15 p.m.40 views

Privilege escalation

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

4.3CVSS7.7AI score0.01051EPSS
Exploits4References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/04/13 10:35 p.m.10 views

CVE-2023-1326 local privilege escalation in apport-cli

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

7.7CVSS7AI score0.00874EPSS
Exploits0References2
CVE
CVE
added 2023/04/13 10:35 p.m.479 views

CVE-2023-1326

Technical details for CVE-2023-1326 are not provided in the connected documents. Available sources reference the vulnerability and related CVEs (e.g., CVE-2023-26604) but do not expose affected products, versions, or fixes beyond the apport-cli context.

7.8CVSS7.6AI score0.00874EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/13 10:35 p.m.73 views

CVE-2023-1326 local privilege escalation in apport-cli

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

7.7CVSS8.1AI score0.00874EPSS
Exploits0References2
OSV
OSV
added 2023/04/13 10:35 p.m.36 views

CVE-2023-1326 local privilege escalation in apport-cli

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

7.7CVSS7AI score0.00874EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2023/04/13 10:18 p.m.74 views

USN-6018-1: Apport vulnerability

Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege...

7.8CVSS7.3AI score0.00874EPSS
Exploits0References1
OSV
OSV
added 2023/04/13 10:18 p.m.15 views

USN-6018-1 apport vulnerability

Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege...

7.8CVSS7.1AI score0.00874EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/04/13 12:33 p.m.541 views

CVE-2023-1326

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

7.8CVSS7AI score0.00874EPSS
Exploits0References4
OSV
OSV
added 2023/04/13 12:33 p.m.70 views

UBUNTU-CVE-2023-1326

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

7.8CVSS6.6AI score0.01051EPSS
Exploits4References5
Positive Technologies
Positive Technologies
added 2023/04/13 12:0 a.m.11 views

PT-2023-16898 · Unknown +2 · Apport-Cli +2

Name of the Vulnerable Software and Affected Versions: apport-cli versions 2.26.0 and earlier Description: A privilege escalation attack was found, similar to a known issue, which can be exploited by a local attacker if the system is specially configured. This configuration includes allowing...

7.8CVSS6.1AI score0.01051EPSS
Exploits4References19
CNNVD
CNNVD
added 2023/04/13 12:0 a.m.15 views

Apport 安全漏洞

Canonical Apport is a toolkit from UK-based Canonical that collects and provides feedback on error messages information that the operating system considers useful when an application crashes. A security vulnerability exists in Apport 2.26.0 and earlier versions, which stems from the presence of a...

7.8CVSS7.3AI score0.00874EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.4 views

SUSE CVE-2009-1295

Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors...

1.9CVSS6.8AI score0.00396EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.2 views

SUSE CVE-2013-1067

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...

4.9CVSS5.9AI score0.00402EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.4 views

SUSE CVE-2015-1324

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root...

7.8CVSS7.6AI score0.00356EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.3 views

SUSE CVE-2015-1338

kernelcrashdump in Apport before 2.19 allows local users to cause a denial of service disk consumption or possibly gain privileges via a 1 symlink or 2 hard link attack on /var/crash/vmcore.log...

7.2CVSS7AI score0.0091EPSS
Exploits2References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.4 views

SUSE CVE-2015-1341

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function pythonmodulepath...

7.8CVSS7.2AI score0.00429EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.6 views

SUSE CVE-2017-10708

An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file...

7.8CVSS8AI score0.02099EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.6 views

SUSE CVE-2017-14179

Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers...

7.8CVSS7.6AI score0.00356EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.3 views

SUSE CVE-2017-14177

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of ...

7.8CVSS7.7AI score0.0039EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.5 views

SUSE CVE-2017-14180

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability tha...

7.8CVSS7AI score0.0044EPSS
Exploits0References3
Rows per page
Query Builder