8 matches found
Ubuntu 16.04 ESM : S-nail vulnerability (USN-4820-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4820-1 advisory. It was discovered that S-nail incorrectly handled paths. An attacker could possible use this issue to write arbitrary files and escalate privileges. Tenable has...
S-nail < 14.8.16 - Local Privilege Escalation Exploit
Exploit for multiple platform in category local exploits !/bin/sh Wrapper for @wapiflapi's s-nail-privget.c local root exploit for CVE-2017-5899 uses ld.so.preload technique --- Found privsep: /usr/lib/s-nail/s-nail-privsep . Compiling /var/tmp/.snail.so.c ... . Compiling /var/tmp/.sh.c...
S-nail 14.8.16 - Local Privilege Escalation
S-nail 14.8.16 - Local Privilege Escalation !/bin/sh Wrapper for @wapiflapi's s-nail-privget.c local root exploit for CVE-2017-5899 uses ld.so.preload technique --- Found privsep: /usr/lib/s-nail/s-nail-privsep . Compiling /var/tmp/.snail.so.c ... . Compiling /var/tmp/.sh.c ... . Compiling...
S-nail < 14.8.16 - Local Privilege Escalation
!/bin/sh Wrapper for @wapiflapi's s-nail-privget.c local root exploit for CVE-2017-5899 uses ld.so.preload technique --- Found privsep: /usr/lib/s-nail/s-nail-privsep . Compiling /var/tmp/.snail.so.c ... . Compiling /var/tmp/.sh.c ... . Compiling /var/tmp/.privget.c ... . Adding /var/tmp/.snail.s...
CVE-2017-5899
Directory traversal vulnerability in the setuid root helper binary in S-nail later S-mailx before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. dot dot in the randstr argument...
CVE-2017-5899
CVE-2017-5899 affects S-nail (later S-mailx) up to version 14.8.16. The vulnerability is a directory traversal in the setuid root helper binary invoked by randstr, allowing a local attacker to write to arbitrary files and escalate to root. Public advisories (e.g., Ubuntu USN-4820-1) confirm the p...
CVE-2017-5899
Directory traversal vulnerability in the setuid root helper binary in S-nail later S-mailx before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. dot dot in the randstr argument...
CVE-2017-5899
Directory traversal vulnerability in the setuid root helper binary in S-nail later S-mailx before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. dot dot in the randstr argument...