1015 matches found
FreeBSD Security Advisory FreeBSD-SA-11:07.chroot
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:07.chroot Security Advisory The FreeBSD Project Topic: Code execution via chrooted ftpd Category: core Module: libc Announced: 2011-12-23 Affects: All supporte...
FreeBSD : proftpd -- arbitrary code execution vulnerability with chroot (022a4c77-2da4-11e1-b356-00215c6a37bb)
The FreeBSD security advisory FreeBSD-SA-11:07.chroot reports : If ftpd is configured to place a user in a chroot environment, then an attacker who can log in as that user may be able to run arbitrary code.... Proftpd shares the same problem of a similar nature. %NASLMINLEVEL 70300 C Tenable...
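FreeBSD Chrooted 'ftpd' Remote Privilege Escalation Vulnerability
Bugtraq ID: 51185 FreeBSD is a BSD-based operating system. chroot switches the root directory on the system; the chroot(2) system call is widely used by many applications to restrict a process's access to the file system. The nsdispatch(3) API implementation provides the ability to reload its configuration on demand; this feature can also load shared libraries and run code provided by those libraries when requested through the configuration file. The nsdispatch(3) API has no mechanism to warn that it is operating inside a chroot environment, where the standard paths for configuration files and shared libraries are untrusted. The FreeBSD ftpd(8) daemon is configured with chroot(2) and uses the nsdispatch(3) API...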
FreeBSD-SA-11:07.chroot
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:07.chroot Security Advisory The FreeBSD Project Topic: Code execution via chrooted ftpd Category: core Module: libc Announced: 2011-12-23 Affects: All supporte...
[ MDVSA-2011:185 ] libcap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:185 http://www.mandriva.com/security/ Package : libcap Date : December 12, 2011 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in libcap...
Mandriva Update for libcap MDVSA-2011:185 (libcap)
Check for the Version of libcap OpenVAS Vulnerability Test Mandriva Update for libcap MDVSA-2011:185 libcap Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Mandriva Update for libcap MDVSA-2011:185 (libcap)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
libcap security and bug fix update
2.16-5.5 - remove some obsolete parameters from capsh manpage 2.16-5.4 - add capsh manpage 730957 2.16-5.3 - make sure to chdir '/' after calling chroot http://cwe.mitre.org/data/definitions/243.html...
SuSE 11.1 Security Update : libcap (SAT Patch Number 5380)
The following bug has been fixed : - capsh did not chdir'/' after calling chroot. Programs could therefore access the current directory outside of the chroot. CVE-2011-4099 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Low: Red Hat Security Advisory: libcap security and bug fix update
Updated libcap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
FreeBSD libc code execution
lib/nsscompat.so.1 library in chroot environment is loaded. Vulnerability is used in-the-wild remotely against FTP-servers...
proftpd -- arbitrary code execution vulnerability with chroot
The FreeBSD security advisory FreeBSD-SA-11:07.chroot reports: If ftpd is configured to place a user in a chroot environment, then an attacker who can log in as that user may be able to run arbitrary code.... Proftpd shares the same problem of a similar nature...
CentOS Update for rsync CESA-2011:0999 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[Manual] Secure web server. (chroot,mod-security2,etc)
1. Theory 1.0. Problem statement We need to build a maximally secure web server based on a minimal Ubuntu distribution, namely: 1. Create a chroot "sandbox" using debootstrap 2. Install apache2, php5, mysql in the sandbox 3. Install and configure mod-security2, as well as...
[SECURITY] Fedora 14 Update: pure-ftpd-1.0.32-1.fc14
Pure-FTPd is a fast, production-quality, standard-conformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
[SECURITY] Fedora 15 Update: pure-ftpd-1.0.32-1.fc15
Pure-FTPd is a fast, production-quality, standard-conformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
DEBIAN-CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
Directory traversal
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...
CVE-2011-2167
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script...