7 matches found
CVE-2011-2921
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges...
CVE-2011-2921
CVE-2011-2921 affects ktsuss versions 1.4 and earlier. The binary is setuid root and does not drop privileges before executing user-specified commands, allowing command execution with root privileges. Public references describe local privilege-escalation risk (no remote vectors stated here); rela...
CVE-2011-2921
creationtimestamp| type| source ---|---|--- 2019-09-02 17:41:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/ktsusssuidprivesc.rb 2019-09-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47344 2021-09-21 04:41:50+00:00| seen...
ktsuss Suid Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ktsuss suid Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versio...
ktsuss suid Privilege Escalation
This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versions 1.4 and prior. The ktsuss executable is setuid root and does not drop privileges prior to executing user specified commands, resulting in command execution with root privileges. This module has been test...
Gentoo Security Advisory GLSA 201201-15 (ktsuss)
The remote host is missing updates announced in advisory GLSA 201201-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-201201-15 : ktsuss: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201201-15 ktsuss: Privilege escalation Two vulnerabilities have been found in ktuss: Under specific circumstances, ktsuss skips authentication and fails to change the effective UID back to the real UID CVE-2011-2921. The GTK...