Lucene search
K

18 matches found

OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.53 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2599)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.93838EPSS
Exploits52References4
seebug.org
seebug.org
added 2014/10/10 12:0 a.m.71 views

Linux Kernel remount FUSE Exploit

No description provided by source. / FUSE-based exploit for CVE-2014-5207 Copyright c 2014 Andy Lutomirski Based on code that is: Copyright C 2001-2007 Miklos Szeredi [email protected] This program can be distributed under the terms of the GNU GPL. See the file COPYING. gcc -Wall fusesuid.c...

6CVSS8.3AI score0.00888EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/10/09 12:0 a.m.70 views

Linux Kernel < 3.16.1 - 'Remount FUSE' Local Privilege Escalation

/ FUSE-based exploit for CVE-2014-5207 Copyright c 2014 Andy Lutomirski Based on code that is: Copyright C 2001-2007 Miklos Szeredi This program can be distributed under the terms of the GNU GPL. See the file COPYING. gcc -Wall fusesuid.c pkg-config fuse --cflags --libs -o fusesuid mkdir test...

6.2CVSS7.8AI score0.00888EPSS
Exploits6
0day.today
0day.today
added 2014/10/09 12:0 a.m.771 views

Linux Kernel 3.16.1 FUSE Privilege Escalation Exploit

FUSE-based exploit that leverages a flaw in fs/namespace.c where it does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges. Linux kernels through 3.16.1 are affected. / FUSE-bas...

6CVSS1.4AI score0.00888EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/10/08 12:0 a.m.66 views

Linux Kernel 3.16.1 FUSE Privilege Escalation

I've been sitting on this for too long. CVE-2014-5207 was an interesting bug found by Kenton Varda and Eric Biederman. Here's a somewhat ugly PoC root exploit. You'll need the ability to use FUSE, although variants would work with removable media or network file systems, too. --Andy / FUSE-based...

6CVSS0.7AI score0.00888EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2014/08/20 12:0 a.m.41 views

Fedora 19 : kernel-3.14.17-100.fc19 (2014-9449)

The 3.14.17 stable update contains a number of important fixes across the tree. Fix CVE-2014-5206, CVE-2014-5207: ro bind mount bypass with namespaces The 3.14.16 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding...

7.2CVSS6.8AI score0.00888EPSS
Exploits6References4
OpenVAS
OpenVAS
added 2014/08/20 12:0 a.m.35 views

Fedora Update for kernel FEDORA-2014-9449

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.6AI score0.37233EPSS
Exploits82References4
OpenVAS
OpenVAS
added 2014/08/19 12:0 a.m.45 views

Ubuntu: Security Advisory (USN-2318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS8.2AI score0.00888EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2014/08/19 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-2317-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS8.2AI score0.00888EPSS
Exploits6References2
CVE
CVE
added 2014/08/18 10:0 a.m.117 views

CVE-2014-5207

CVE-2014-5207 affects the Linux kernel up to version 3.16.1. The flaw occurs in fs/namespace.c where clearing MNT_NODEV, MNT_NOSUID, MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount is not properly restricted, allowing local users to gain privileges, interfere with backups/...

6.2CVSS7.2AI score0.00888EPSS
Exploits6References12Affected Software1
Debian CVE
Debian CVE
added 2014/08/18 10:0 a.m.27 views

CVE-2014-5207

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...

6.2CVSS6.4AI score0.00888EPSS
Exploits6
Ubuntu
Ubuntu
added 2014/08/18 6:56 a.m.68 views

USN-2318-1: Linux kernel vulnerabilities

Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...

7.2CVSS6.9AI score0.00888EPSS
Exploits6
Ubuntu
Ubuntu
added 2014/08/18 6:53 a.m.61 views

USN-2317-1: Linux kernel (Trusty HWE) vulnerabilities

Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...

7.2CVSS6.9AI score0.00888EPSS
Exploits6
securityvulns
securityvulns
added 2014/08/18 12:0 a.m.76 views

[USN-2318-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2318-1 August 18, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.2CVSS0.1AI score0.00888EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2014/08/18 12:0 a.m.32 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2317-1)

Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...

7.2CVSS6.8AI score0.00888EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2014/08/18 12:0 a.m.30 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2318-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2318-1 advisory. Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit...

7.2CVSS7AI score0.00888EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2014/08/17 12:0 a.m.44 views

Fedora 20 : kernel-3.15.10-200.fc20 (2014-9466)

The 3.15.10 stable update contains a number of important fixes across the tree. Fix CVE-2014-5206, CVE-2014-5207: ro bind mount bypass with namespaces Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...

7.2CVSS6.8AI score0.00888EPSS
Exploits6References4
UbuntuCve
UbuntuCve
added 2014/08/13 12:0 a.m.36 views

CVE-2014-5207

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...

6.2CVSS6.8AI score0.00888EPSS
Exploits6References5
Rows per page
Query Builder