Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Debian
Debianadded 2017/03/28 3:41 p.m.30 views

[SECURITY] [DSA 3823-1] eject security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3823-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 28, 2017 https://www.debian.org/security/faq -...

7.2CVSS2.5AI score0.00469EPSS
Exploits0
Debian
Debianadded 2017/03/28 3:41 p.m.25 views

[SECURITY] [DSA 3823-1] eject security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3823-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 28, 2017 https://www.debian.org/security/faq -...

7.8CVSS7.4AI score0.00469EPSS
Exploits0
Debian
Debianadded 2017/03/28 8:52 a.m.16 views

[SECURITY] [DLA 876-1] eject security update

Package : eject Version : 2.1.5+deb1+cvs20081104-13+deb7u1 CVE ID : CVE-2017-6964 Debian Bug : 858872 Ilja Van Sprundel discovered that eject a tool to eject CD/DVD drives did not properly handle errors returned from setuid/setgid. For Debian 7 "Wheezy", this issue has been fixed in eject version...

7.8CVSS7.5AI score0.00469EPSS
Exploits0
Cvelist
Cvelistadded 2017/03/28 1:0 a.m.28 views

CVE-2017-6964

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

7.6AI score0.00469EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2017/03/28 1:0 a.m.34 views

CVE-2017-6964

Removed by vendor...

7.8CVSS7.6AI score0.00469EPSS
Exploits0
CVE
CVEadded 2017/03/28 1:0 a.m.357 views

CVE-2017-6964

CVE-2017-6964 describes a local privilege escalation in eject via the dmcrypt-get-device helper, which does not check return values from setuid() and setgid(). The flaw allows code execution with root privileges when using eject, as reported for Debian/Ubuntu packages (eject versions prior to 2.1...

7.8CVSS7.5AI score0.00469EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCveadded 2017/03/27 12:0 a.m.25 views

CVE-2017-6964

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the 1 setuid or 2 setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through...

7.8CVSS7.2AI score0.00469EPSS
Exploits0References2
OpenVAS
OpenVASadded 2017/03/27 12:0 a.m.18 views

Debian: Security Advisory (DSA-3823-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.00469EPSS
Exploits0References3
Rows per page
Query Builder