CVE-2015-1342

LXCFS before 0.12 does not properly enforce directory escapes, which might allow local users to gain privileges by 1 querying or 2 updating a cgroup...

CVE-2015-1342

LXCFS prior to 0.12 exposes a local privilege escalation risk due to failure to properly enforce directory escapes when querying or updating a cgroup. The issue is consistently described across multiple sources (CNVD-2015-07988, NVD CVE-2015-1342 entries, and Ubuntu/Debian advisories), stating th...

Ubuntu 15.04 / 15.10 : lxcfs vulnerabilities (USN-2813-1)

It was discovered that LXCFS incorrectly enforced directory escapes. A local attacker could use this issue to possibly escalate privileges. CVE-2015-1342 It was discovered that LXCFS incorrectly checked certain permissions. A local attacker could use this issue t possibly escalate privileges...

CVE-2015-1342

LXCFS before 0.12 does not properly enforce directory escapes, which might allow local users to gain privileges by 1 querying or 2 updating a cgroup...

tnftp -- mget does not check for directory escapes

When downloading a batch of files from an FTP server the mget command does not check for directory escapes. A specially crafted file on the FTP server could then potentially overwrite an existing file of the user...