7 matches found
CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
Hardcoded credentials
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
Hardcoded credentials
OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...
CVE-2017-18188
OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...
CVE-2017-14730
The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LSUSER account for creation of a hard link...
GIMPS: Root privilege escalation
Background GIMPS, the Great Internet Mersenne Prime Search, is a software capable of find Mersenne Primes, which are used in cryptography. GIMPS is also used for hardware testing. Description It was discovered that Gentoo’s default GIMPS installation suffered from a privilege escalation...