TLP 授权问题漏洞

TLP is a power management software for linrunner personal developers. An authorization issue vulnerability exists in TLP version 1.9 up to and including version 1.9.1, which stems from improper authentication and could lead to a local user arbitrarily controlling power profiles and daemon log...

Phabricator: Abusing daemon logs for Privilege escalation under certain scenarios

Setup Needed + A normal user account + A momentary disruption of mail services Replication steps + Login as normal user + Wait for momentary disruption of mail services + Use Password Reset Link for admin mail address + BOOM!!! + You can see the password reset link in the daemon logs because of...

DEBIAN-CVE-2007-4321

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol versi...

CVE-2006-6301

DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain...