14 matches found
Chkrootkit - Local Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'Chkrootkit Local Privilege Escalation', 'Description' = %q Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a...
Chkrootkit Local Privilege Escalation
Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privilege escalation. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
CVE-2014-0476
chkrootkit before 0.50 contains a flaw in the slapper function that does not properly quote file paths, allowing a local user to execute arbitrary code via a Trojan horse executable in /tmp when /tmp is not mounted with noexec. This enables local privilege escalation to root. Public reports refer...
CVE-2014-0476
creationtimestamp| type| source ---|---|--- 2014-06-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33899 2015-11-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38775 2018-05-29 15:50:33+00:00| seen|...
Fedora Update for chkrootkit FEDORA-2014-7090
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for chkrootkit FEDORA-2014-7071
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : chkrootkit (MDVSA-2014:122)
Updated chkrootkit package fixes security vulnerability : The chkrootkit script contains a flaw that allows a local attacker to create an executable in /tmp that will be run by the user running chkrootkit usually root, allowing the attacker to escalate privileges CVE-2014-0476. %NASLMINLEVEL 7030...
[oss-security] CVE-2014-0476 chkrootkit vulnerability
Hi, Thomas Stangner reported the following chkrootkit vulnerability. We assigned CVE-2014-0476 Cheers, Giuseppe -------- Original Message -------- Subject: Serious chkrootkit vulnerability Date: Sun, 25 May 2014 00:53:00 +0200 From: Thomas Stangner [email protected] Organization: Hetzner...
Ubuntu: Security Advisory (USN-2230-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Kernel Vulnerable to Privilege Escalation and DoS Attack
Multiple flaws have been identified in Linux Kernel and related software could allow hackers to hack your Linux machines, shared hosting and websites hosted on them. PRIVILEGE ESCALATION VULNERABILITY IN LINUX KERNEL A privilege escalation vulnerability has been identified in the widely used Linu...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
[SECURITY] [DSA 2945-1] chkrootkit security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2945-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 03, 2014 http://www.debian.org/security/faq -...