1015 matches found
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
DEBIAN-CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
Design/Logic Flaw
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The CVE-2011-4099 issue affects the capsh program in libcap prior to version 2.22, where the current working directory is not changed when --chroot is used, enabling local users to bypass chroot restrictions. Affected component: libcap (capsh utility). Root cause: chroot handling does not chdir t...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...
stunnel: Arbitrary code execution
Background The stunnel program is designed to work as an SSL encryption wrapper between a client and a local or remote server. Description A buffer overflow vulnerability has been discovered in stunnel. Please review the CVE identifier referenced below for details. Impact A remote attacker could...
Juniper Junos J-Web - Privilege Escalation Vulnerability
Exploit for php platform in category web applications Sense of Security - Security Advisory Release Date. 10-Sep-2013 Last Update. - Vendor Notification Date. 27-Sep-2012 Product. Juniper Junos J-Web Platform. Junos Affected versions. All builds prior to 2013-02-28 are affected Severity Rating...
Juniper Junos J-Web - Privilege Escalation
Juniper Junos J-Web - Privilege Escalation Sense of Security - Security Advisory - SOS-13-003 security advisory Release Date. 10-Sep-2013 Last Update. - Vendor Notification Date. 27-Sep-2012 Product. Juniper Junos J-Web Platform. Junos Affected versions. All builds prior to 2013-02-28 are affecte...
CentOS 4 : vixie-cron (CESA-2005:361)
An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specifie...
DEBIAN-CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
UBUNTU-CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
PT-2013-3489 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.8.6 Description: The issue allows local users to bypass intended filesystem restrictions. This is due to the create user ns function in kernel/user namespace.c not checking whether a chroot directory exists th...
Mandriva Linux Security Advisory : stunnel (MDVSA-2013:130)
Updated stunnel packages fix security vulnerability : stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a...
Linux Kernel多个本地安全绕过漏洞
BUGTRAQ ID: 59052 Linux Kernel是Linux操作系统的内核。 Linux kernel存在多个安全绕过漏洞,攻击者可利用这些漏洞绕过某些安全限制并执行未授权操作。 0 Linux kernel 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/ define GNUSOURCE include unistd.h include sched.h include sys/types.h include sys/wait.h include fcntl.h includ...
CVE-2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
Design/Logic Flaw
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
CVE-2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
CVE-2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...