1024 matches found
Sudo Chroot 1.9.17 Privilege Escalation
Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with user-selected root directory if sudoers file allow it. Change in version 1.9.14 allows resolving paths via chroot using user-specified root directory when sudoers i...
📄 Sudo Chroot 1.9.17 Privilege Escalation
This Metasploit module exploits the chroot vulnerability in Sudo versions prior to 1.9.17p1. It allows the attacker to trick Sudo into loading an arbitrary shared object, thus resulting in a privilege escalation. This module requires Metasploit: https://metasploit.com/download Current source:...
Linux Distros Unpatched Vulnerability : CVE-2016-6299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. CVE-2016-6299...
Linux Distros Unpatched Vulnerability : CVE-2008-2544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files,...
Linux Distros Unpatched Vulnerability : CVE-2017-7418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks...
Linux Distros Unpatched Vulnerability : CVE-2015-2925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users t...
K000152954: Sudo vulnerability CVE-2025-32463
Security Advisory Description Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. CVE-2025-32463 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463 Exploit Tool This repository contains a Go-bas...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463 - Sudo Chroot Privilege Escalation Exploit...
sudo: LPE via chroot option
A flaw was found in Sudo. This flaw allows a local attacker to escalate their privileges by tricking Sudo into loading an arbitrary shared library using the user-specified root directory via the -R --chroot option. An attacker can run arbitrary commands as root on systems that support...
CVE-2025-44654
In Linksys E2500 3.0.04.002, the chrootlocaluser option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...
CVE-2025-44655
In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chrootlocaluser option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...
CVE-2025-44657
In Linksys EA6350 V2.1.2, the chrootlocaluser option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...
Linksys E2500 安全漏洞
The Linksys E2500 is an E-Series wireless router from Linksys, Inc. A security vulnerability exists in the Linksys E2500 version 3.0.04.002, which originates from enabling the chrootlocaluser option, and could lead to unauthorized access to system files...
Linksys EA6350 安全漏洞
Linksys EA6350 is a wireless router from Linksys, Inc. A security vulnerability exists in the Linksys EA6350 version V2.1.2 that originates from enabling the chrootlocaluser option, which could lead to unauthorized access to system files...
TOTOLINK A7100RU 安全漏洞
TOTOLINK A7100RU is a wireless router from China Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A7100RU V7.4, A950RG V5.9, and T10 V5.9 versions, which originates from enabling the chrootlocaluser option and could lead to unauthorized access to system files...
PT-2025-30319
Name of the Vulnerable Software and Affected Versions Linksys E2500 version 3.0.04.002 Description The chroot local user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot...
Local Privilege Escalation
Sudo is vulnerable to local privilege escalation. The vulnerability is due to the use of a user-controlled /etc/nsswitch.conf file when running with the --chroot option, which allows an attacker to obtain root access on the system...
Security update for sudo
This update for sudo fixes the following issues: CVE-2025-32462: Fix a possible local privilege escalation via the --host option bsc1245274 CVE-2025-32463: Fix a possible local privilege Escalation via chroot option bsc1245275 Patch Instructions: To install this SUSE update use the SUSE recommend...
SUSE-SU-2025:20478-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2025-32462: Fix a possible local privilege escalation via the --host option bsc1245274 - CVE-2025-32463: Fix a possible local privilege Escalation via chroot option bsc1245275...