CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6 (Important) (RHSA-2018:0002)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0002 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Re...

jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

UBUNTU-CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

DEBIAN-CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

CVE-2017-16933

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2USER account for creation of a link...

GLSA-201711-04 : MariaDB, MySQL: Root privilege escalation

The remote host is affected by the vulnerability described in GLSA-201711-04 MariaDB, MySQL: Root privilege escalation The Gentoo installation scripts before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysq...

GLSA-201711-11 : VDE: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201711-11 VDE: Privilege escalation It was discovered that Gentoos default VDE installation suffered from a privilege escalation vulnerability in the init script. This script calls an unsafe chown command which gives members from...

VDE: Privilege escalation

Background VDE is an ethernet compliant virtual network that can be spawned over a set of physical computer over the Internet. Description It was discovered that Gentoo’s default VDE installation suffered from a privilege escalation vulnerability in the init script. This script calls an unsafe...

CVE-2017-16638

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script...

CVE-2017-16638

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script...