SUSE CVE-2026-44072

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

CVE-2026-44072

A flaw was found in Netatalk. A highly privileged local attacker could exploit a vulnerability where the system function is called after a failed chdir operation. This could lead to unintended command execution, potentially resulting in low impact to system integrity or availability...

CVE-2026-44072

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

CVE-2026-44072

Netatalk 2.2.1–4.4.2 is affected by a vulnerability where system() is invoked after a failed chdir(), allowing an attacker with local access to trigger unintended commands or cause a minor service disruption under specific conditions. The issue stems from improper handling of the error condition ...

EUVD-2026-31216

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

CVE-2026-44072 system() after failed chdir()

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

CVE-2026-44072

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

CVE-2026-44072 system() after failed chdir()

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

CVE-2026-44072

Netatalk 2.2.1 through 4.4.2 calls system after a failed chdir without properly handling the error condition, which allows a local privileged user to execute unintended commands or cause a minor service disruption under specific conditions...

PT-2026-42427

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.2.1 through 4.4.2 Description The software calls the system function after a failed chdir operation without properly handling the error condition. This allows a local privileged user to execute unintended commands or cause ...

Netatalk 操作系统命令注入漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.2.1 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...

EUVD-2006-5691

Malware in sbrugna...

SUSE CVE-2006-5706

Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local users to bypass openbasedir restrictions and perform unspecified actions via unspecified vectors involving the 1 chdir and 2 tempnam functions. NOTE: the tempnam vector might overlap CVE-2006-1494...

SUSE CVE-2008-2666

Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safemode restrictions by creating a subdirectory named http: and then placing ../ dot dot slash sequences in an http URL argument to the 1 chdir or 2 ftok function...

SUSE CVE-2008-5110

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...

Design/Logic Flaw

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...

CVE-2019-11503

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...

Linux systemd Symlink Dereference Via chown_one() Exploit

Linux suffers from an issue with systemd where chownone can dereference symlinks. systemd: chownone can dereference symlinks CVE-2018-15687 I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at...

PHP <= 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass

No description provided by source. source: http://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safemode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized locations; other attacks are also possible...

SuSE 11.2 Security Update : cifs-utils (SAT Patch Number 6196)

The following issue has been fixed : - Don't allow unprivileged users to mount onto dirs to which they can't chdir. CVE-2012-1586 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...