1015 matches found
DEBIAN-CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
CVE-2015-2925
The vulnerability CVE-2015-2925 affects the Linux kernel prior to 4.2.4, specifically the prepend_path function in fs/dcache.c. It allows a local attacker to bypass container protections by renaming a directory inside a bind mount, enabling a double-chroot-style escape. The impact is enabling pri...
CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
CVE-2015-2925
The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...
[SECURITY] Fedora 21 Update: pure-ftpd-1.0.36-7.fc21
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
[SECURITY] Fedora 22 Update: pure-ftpd-1.0.36-7.fc22
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
Server: Disclosure of users files when deleting parent folders of shared files
Due to a common incorrect usage of the getPath function of the ownCloud virtual filesystem multiple security issues occurred. Especially the function may return null in case the specified file does not exist anymore. When passing the result of getPath in combination with null to functions that...
SOL16880 - Libcap vulnerability CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. CVE-2011-4099...
docker: insecure opening of file-descriptor 1 leading to privilege escalation
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image...
Crouton - Chromium OS Universal Chroot Environment
crouton is a set of scripts that bundle up into an easy-to-use, Chromium OS-centric chroot generator. Currently Ubuntu and Debian are supported using debootstrap behind the scenes, but "Chromium OS Debian, Ubuntu, and Probably Other Distros Eventually Chroot Environment" doesn't acronymize as wel...
FreeBSD : proftpd -- arbitrary code execution vulnerability with chroot (d0034536-ff24-11e4-a072-d050996490d0)
ProFTPd development team reports : Vadim Melihow reported a critical issue with proftpd installations that use the modcopy module's SITE CPFR/SITE CPTO commands; modcopy allows these commands to be used by unauthenticated clients. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...
UBUNTU-CVE-2015-3627
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image...
CVE-2015-3627
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image...
CVE-2015-3627
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image...
Docker Container Symbolic Link Directory Traversal Elevation of Privilege Vulnerability
Docker is an open source application container engine that allows developers to package their applications as well as dependency packages into a portable container and then distribute it to any popular Linux machine, also enabling virtualization. Docker suffers from a security vulnerability when...
GNU/Linux program crash analysis framework vulnerability to cause the kernel provide the right risk-vulnerability warning-the black bar safety net
Google security researcher Tavis Ormandy found for Ubuntu CVE-2 0 1 5-1 3 1 8apportand RedHat/CentOS/Fedora CVE-2 0 1 5-1 8 6 2 abrtsecurity vulnerabilities, apport and abrt are the GNU/Linux platform on which the automation program crash analysis framework of free software, Ubuntuapportand...
proftpd -- arbitrary code execution vulnerability with chroot
ProFTPd development team reports: Vadim Melihow reported a critical issue with proftpd installations that use the modcopy module's SITE CPFR/SITE CPTO commands; modcopy allows these commands to be used by unauthenticated clients...
Linux Apport/Abrt Local Root Exploit
define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport: CVE-2015-1318 // Abrt: CVE-2015-1862 // // --...
ApportAbrt (Ubuntu Fedora) - Local Privilege Escalation
ApportAbrt Ubuntu Fedora - Local Privilege Escalation define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport:...
PT-2015-5979 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.2.4 Description: The issue allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack." This occurs because the prepend path function in...