30 matches found
Local Privilege Escalation in polkits pkexec
A bug exists in the polkit pkexec binary in how it processes arguments. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populat...
Polkit pkexec Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Local Privilege Escalation in polkits pkexec', 'Description' = %q A bug exists in the polkit pkexec binary in how it processes arguments. If the...
[SECURITY] [DSA 4371-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4371-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez January 22, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 2132-1] New xulrunner packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2132-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 11, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2057-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2057-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2056-1] New zonecheck packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-2056-1 [email protected] http://www.debian.org/security/ Sébastien Delafond June 06, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
------------------------------------------------------------------------ Debian Security Advisory DSA-1940-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 25, 2009 http://www.debian.org/security/faq -...
New pidgin packages fix arbitrary code execution
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1932-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 08, 2009...
[SECURITY] [DSA 1813-1] New evolution-data-server packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1813-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 08, 2009 http://www.debian.org/security/faq -...
[USN-732-1] dash vulnerability
=========================================================== Ubuntu Security Notice USN-732-1 March 10, 2009 dash vulnerability CVE-2009-0854 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 This advisor...
[SECURITY] [DSA 1713-1] New rt2500 packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1713-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 28, 2009 http://www.debian.org/security/faq -...
Xpdf嵌入字体处理代码执行漏洞
BUGTRAQ ID: 28830 CVECAN ID: CVE-2008-1693 Xpdf是便携文档格式(PDF)文件的开放源码查看器。 Xpdf显示PDF文件中所嵌入的畸形字体的方式存在漏洞,攻击者可以创建恶意的PDF文件,如果打开了该文件就会导致Xpdf崩溃或执行任意指令。 Xpdf 3.x Debian ------ Debian已经为此发布了一个安全公告(DSA-1548-1)以及相应补丁: DSA-1548-1:New xpdf packages fix arbitrary code exitution...
[SECURITY] [DSA 1475-1] new gforge packages fix cross site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-1475-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 26, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1470-1] New horde3 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1470-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 20, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1465-2] New apt-listchanges packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1465-2 [email protected] http://www.debian.org/security/ Steve Kemp January 17, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1431-1] New ruby-gnome2 packages fix execution of arbitrary code
------------------------------------------------------------------------ Debian Security Advisory DSA-1431-1 [email protected] http://www.debian.org/security/ Steve Kemp December 11, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1390-1] New t1lib packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1390-1 [email protected] http://www.debian.org/security/ Noah Meyerhans October 18, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1236-1] New enemies-of-carlotta package fix missing sanity checks
------------------------------------------------------------------------ Debian Security Advisory DSA-1236-1 [email protected] http://www.debian.org/security/ Steve Kemp December 13, 2006 - ------------------------------------------------------------------------ Package : enemies-of-carlotta...
[SECURITY] [DSA 1153-1] New ClamAV packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1153-1 [email protected] http://www.debian.org/security/ Martin Schulze August 18th, 2006 http://www.debian.org/security/faq -...