Linux Kernel 3.0 3.3.5 - CLONE_NEWUSER|CLONE_FS Local Privilege Escalation

Linux Kernel 3.0 3.3.5 - CLONENEWUSER|CLONEFS Local Privilege Escalation / source: https://www.securityfocus.com/bid/58478/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain kernel privileges, which will aid in further attacks....

Nagios NRPE 2.13 Code Execution

Summary: --------------- CVE-ID: CVE-2013-1362 CVSS: Base Score 7.5 CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:UC/CDP:N/TD:N/CR:L/IR:L/AR:L Vendor: Nagios Affected Products: NRPE Affected Platforms: All Affected versions: '"\;" This allows the passing of $ to plugins/scripts which, if...

Linux Kernel 2.6.32-5 (Debian 6.0.5) - devptmx Key Stroke Timing Local Disclosure

Linux Kernel 2.6.32-5 Debian 6.0.5 - devptmx Key Stroke Timing Local Disclosure !/bin/bash ptmx-su-pwdlen.sh -- This PoC determine the password length of a local user who runs "su -". Done thanks to the ptmx keystroke timing attack CVE-2013-0160. See http://vladz.devzero.fr/013ptmx-timing.php for...

Gentoo Security Advisory GLSA 201210-05 (bash)

The remote host is missing updates announced in advisory GLSA 201210-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

GLSA-201210-05 : Bash: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201210-05 Bash: Multiple vulnerabilities Two vulnerabilities have been found in Bash: Bash example scripts do not handle temporary files securely CVE-2008-5374. Improper bounds checking in Bash could cause a stack-based buffer...

Gentoo Security Advisory GLSA 201210-05 (bash)

The remote host is missing updates announced in advisory GLSA 201210-05. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Bash: Multiple vulnerabilities

Background Bash is the standard GNU Bourne Again SHell. Description Two vulnerabilities have been found in Bash: Bash example scripts do not handle temporary files securely CVE-2008-5374. Improper bounds checking in Bash could cause a stack-based buffer overflow CVE-2012-3410. Impact A remote...

Solaris 10 (sparc) : 126546-10 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Bash. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful...

ZEN Load Balancer Filelog Command Execution

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Solaris 10 (x86) : 126547-10 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Bash. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful...

Openfiler v2.x NetworkCard Command Execution

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Openfiler v2.x NetworkCard Command Execution

This module exploits a vulnerability in Openfiler v2.x which could be abused to allow authenticated users to execute arbitrary code under the context of the 'openfiler' user. The 'system.html' file uses user controlled data from the 'device' parameter to create a new 'NetworkCard' object. The cla...

Mandriva Linux Security Advisory : bash (MDVSA-2012:128)

A vulnerability was found and corrected in bash : A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names 'test' command and evaluating /dev/fd file names in conditinal command expressions. A remote...

CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

DEBIAN-CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

Stack overflow

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...

CVE-2012-3410

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...