395 matches found
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs...
CVE-2017-9525
CVE-2017-9525 affects the cron package (Debian: 3.0pl1-128; Ubuntu: 3.0pl1-128ubuntu2) where the postinst maintainer script allows group-crontab-to-root privilege escalation through unsafe usage of chown/chmod and symlink attacks. Multiple connected advisories reference Cron regressions and incom...
MUNGE: Privilege escalation
Background An authentication service for creating and validating credentials. Description It was discovered that Gentoo’s default MUNGE installation suffered from a privilege escalation vulnerability munge user to root due to improper permissions and a runscript which called chown on a user...
GLSA-201706-01 : MUNGE: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201706-01 MUNGE: Privilege escalation It was discovered that Gentoos default MUNGE installation suffered from a privilege escalation vulnerability munge user to root due to improper permissions and a runscript which called chown o...
Symlink Race Attacks
github.com/rfjakob/gocryptfs is vulnerable to symlink race attacks. It is possible because it adopts chown instead of Lchown in creating and setting the ownership of file system and directory...
Ubuntu PT Chown Privilege Escalation
Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts devices in /dev/pts to the same uid holding the master file descriptor for the slave...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
tomcat: unsafe chown of catalina.log in tomcat init script allows privilege escalation
It was reported that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation...
tomcat: unsafe chown of catalina.log in tomcat init script allows privilege escalation
It was reported that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation...
Updated mariadb packages fix security vulnerability
Root Privilege Escalation CVE-2016-6664. Unspecified vulnerability affecting the Optimizer component CVE-2017-3238. Unspecified vulnerability affecting the Charsets component CVE-2017-3243. Unspecified vulnerability affecing the DML component CVE-2017-3244. Unspecified vulnerability affecting...
SUSE SLES12 Security Update : mariadb (SUSE-SU-2017:0411-1)
This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
SUSE-SU-2017:0411-1 Security update for mariadb
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
openSUSE Security Update : the Linux Kernel (openSUSE-2016-1426)
The openSUSE Leap 42.2 kernel was updated to 4.4.36 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended...
Drupal 8 configuration file download vulnerability analysis-vulnerability warning-the black bar safety net
Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-09-22 0x00 vulnerability overview 1. Vulnerability description Drupal ( https://www.drupal.org is a free open source content management system, recent researchers have found in it 8. x 8.1.10 version found three security vulnerabilities,...
Wildpwn - Unix Wildcard Attack Tool
Wildpwn is a Python UNIX wildcard attack tool that helps you generate attacks, based on a paper by Leon Juranic. It’s considered a fairly old-skool attack vector, but it still works quite often. First things first! Read: https://www.exploit-db.com/papers/33930/ Basic usage It goes something like...
The vulnerability of Samba software allows a remote attacker to compromise the confidentiality and integrity of protected information.
A vulnerability exists in the ownerset function in smbcacls.c within smbcacls in Samba, due to the deletion of the access control list when the --chown or --chgrp parameter is used. Exploiting this vulnerability allows malicious actors to circumvent access restrictions by making unauthorized...
USN-2985-1 eglibc, glibc vulnerabilities
Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. CVE-2013-2207, CVE-2016-2856 Robin Hack discovered that the Name Service Switch NSS...