Lucene search
K

4 matches found

Kitploit
Kitploit
added 2019/12/20 11:30 a.m.119 views

PathAuditor - Detecting Unsafe Path Access Patterns

The PathAuditor is a tool meant to find file access related vulnerabilities by auditing libc functions. The idea is roughly as follows: Audit every call to filesystem related libc functions performed by the binary. Check if the path used in the syscall is user-writable. In this case an unprivileg...

7CVSS6.9AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2019/02/04 6:29 p.m.7 views

CVE-2019-3461

Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a bind mount via rename which could result in local privilege escalation. Mounting via rename could potentially lead to a file being placed elsewhereon the filesystem hierarchy e.g. /etc/cron.d/ if the directory being cleaned up...

7CVSS6.6AI score
Exploits0References4
CVE
CVE
added 2019/02/04 6:0 p.m.90 views

CVE-2019-3461

CVE-2019-3461 affects Debian tmpreaper 1.6.13+nmu1, due to a race condition during a (bind) mount via rename(). If the directory being cleaned is on the same filesystem, a mount could cause a file to land elsewhere in the hierarchy (e.g., /etc/cron.d/), enabling local privilege elevation. The iss...

7CVSS6.4AI score0.00253EPSS
Exploits0References4Affected Software1
Debian
Debian
added 2019/01/10 9:35 p.m.95 views

[SECURITY] [DSA 4365-1] tmpreaper security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4365-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 10, 2019 https://www.debian.org/security/faq -...

7CVSS6.7AI score0.00253EPSS
Exploits0
Rows per page
Query Builder