Foscam IP Video Camera CGIProxy.fcgi Change Username pureftpd.passwd Injection Vulnerability(CVE-2017-2850)

Summary An exploitable injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username...

Ansible chroot, jail and zone connection plugin backlink vulnerability

Ansible is a computer system configuration manager that can be used to publish, manage, and orchestrate computer systems. chroot, jail, and zone connection are among the plug-ins. chroot is a root directory modification plug-in; jail is a process or application restriction plug-in; and zone...

Kernel: fs: VFS denial of service

The pivotroot implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service mount-tree loop via . dot values in both arguments to the pivotroot system call...

FreeBSD : proftpd -- user chroot escape vulnerability (770d7e91-72af-11e7-998a-08606e47f965)

NVD reports : ProFTPD ... controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks...

Docker Daemon - Unprotected TCP Socket

Exploit Title: Docker Daemon - Unprotected TCP Socket Date: 20-07-2017 Exploit Author: Martin Pizala Vendor Homepage: https://www.docker.com Software Link: https://www.docker.com/get-docker Version: Since 0.4.7 2013-06-28 feature: mount host directories Tested on: Docker CE 17.06.0-ce and Docker...

Docker Daemon - Unprotected TCP Socket

Docker Daemon - Unprotected TCP Socket Exploit Title: Docker Daemon - Unprotected TCP Socket Date: 20-07-2017 Exploit Author: Martin Pizala Vendor Homepage: https://www.docker.com Software Link: https://www.docker.com/get-docker Version: Since 0.4.7 2013-06-28 feature: mount host directories Test...

Arbitrary File Read

dompdf is vulnerable to arbitrary file read. A malicious user can bypass chroot protections with the PHP protocols and wrappers through the inputfile parameters...

Foscam C1 Indoor HD Camera cgiproxy.fcgi change username pureftpd.passwd injection vulnerability

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using application firmware version 2.52.2.37. An attacker can exploit the vulnerability by sending a specially crafted HTTP...

Design/Logic Flaw

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in...

CVE-2017-2850

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in...

CVE-2017-2850

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in...

CVE-2017-2850

Summary (CVE-2017-2850): The Foscam C1 Indoor HD Camera (firmware 2.52.2.37) is affected by a vulnerability in the CGIProxy.fcgi service where the Change Username operation can inject arbitrary characters into the pureftpd.passwd file. This bypasses FTP chroot and enables privilege escalation via...

CVE-2015-3315

Automatic Bug Reporting Tool ABRT allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on 1 /var/tmp/abrt//maps, 2 /tmp/jvm-/hserror.log, 3 /proc//exe, 4 /etc/os-release in a chroot, or 5 an unspecified root directory relate...

Code injection

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

PYSEC-2017-3

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

DEBIAN-CVE-2015-6240

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

UBUNTU-CVE-2015-6240

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

PYSEC-2017-3

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

CVE-2015-6240

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

CVE-2015-6240

CVE-2015-6240 concerns Ansible, where the chroot, jail, and zone connection plugins allow a local attacker to escape a restricted environment via a symlink attack. Affected software is Ansible versions older than 1.9.2, as described in multiple sources (including GHSA and Debian/Ubuntu advisories...