5 matches found
GLSA-201804-18 : tenshi: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201804-18 tenshi: Privilege escalation It was discovered that the tenshi ebuild creates a tenshi.pid file after dropping privileges to a non-root account. Impact : A local attacker could escalate privileges to root or kill arbitra...
[SECURITY] [DLA 1069-1] tenshi security update
Package : tenshi Version : 0.13-2+deb7u1 CVE ID : CVE-2017-11746 Debian Bug : 871321 Tenshi creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modificatio...
CVE-2017-11746
Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...
CVE-2017-11746
CVE-2017-11746 affects Tenshi 0.15. The issue: tenshi.pid is created after dropping privileges to a non-root account, permitting a local attacker to kill arbitrary processes by modifying tenshi.pid before a root script issues a kill command. Impact: local privilege/escalation and process terminat...
CVE-2017-11746
Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...