6 matches found
EUVD-2014-1306
Malware in sbrugna...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
CVE-2014-1226
The CVE-2014-1226 entry concerns s3dvt’s pipe_init_terminal function in main.c, with local privilege escalation via setuid and reliance on bash 4.3 or earlier. Multiple sources (Veracode entries for s3dvt) confirm the root cause as an incomplete fix of CVE-2013-6876, affecting s3dvt 0.2.2 and ear...
CVE-2013-6876
The CVE-2013-6876 issue affects s3dvt, specifically versions 0.2.2 and earlier, where the local privilege escalation is caused by two terminal-related routines in main.c: pty_init_terminal and pipe_init_terminal. The underlying flaw enables a local user to gain privileges by abusing setuid permis...
CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...