Ubuntu Update for openssh USN-2155-1

Check for the Version of openssh OpenVAS Vulnerability Test $Id: gbubuntuUSN21551.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for openssh USN-2155-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

Design/Logic Flaw

Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an...

Design/Logic Flaw

Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse appprocess program via a crafted PATH environment variable for a /system/xbin/su process...

USN-2155-1: OpenSSH vulnerability

Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions...

Command injection

Sudo 1.6.9 before 1.8.5, when envreset is disabled, does not properly check environment variables for the envdelete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable...

sudo: certain environment variables not sanitized when env_reset is disabled

Sudo 1.6.9 before 1.8.5, when envreset is disabled, does not properly check environment variables for the envdelete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable...

QNX 6.5.0 x86 phfont - Local Privilege Escalation

QNX 6.5.0 x86 phfont - Local Privilege Escalation / QNX 6.5.0 x86 phfont local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/phfont on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the PHOTONHOME environment...

QNX 6.5.0 x86 phfont - Local Privilege Escalation

/ QNX 6.5.0 x86 phfont local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/phfont on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the PHOTONHOME environment variable. - vulnerable platforms: QNX 6.5.0SP1 QNX...

QNX 6.5.0 x86 io-graphics - Local Privilege Escalation

/ QNX 6.5.0 x86 io-graphics local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/io-graphics on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the PHOTON2HOME environment variable. - vulnerable platforms: QNX...

ibstat $PATH Privilege Escalation

This module exploits the trusted $PATH environment variable of the SUID binary "ibstat". This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ibstat $PATH Privilege Escalation', 'Description' = %q...

Code injection

zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in the ZYPPLOCKFILEROOT environment variable...

Android Superuser mention the right vulnerability analysis-vulnerability warning-the black bar safety net

Recently, foreign security researchers uncover more Android platform under the authorization Application Management Software there are 3 security vulnerabilities, exploit the vulnerabilities may be the root mention the right, see the link: is. TSRC also for this 3 Android Superuser mention the...

CVE-2013-4874

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable...

CVE-2013-4874

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable...

Design/Logic Flaw

Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager CUCM 7.1x through 9.11a allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454...

CVE-2013-3434

Untrusted search path vulnerability in Cisco Unified Communications Manager CUCM 7.1x through 9.11a allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242...

Apple iOS ‘openSharedCacheFile’函数基于栈的缓冲区溢出漏洞

CVE-2013-3950 Apple iOS是美国苹果（Apple）公司为移动设备所开发的操作系统。支持的设备包括iPhone、iPod Touch、iPad、Apple TV。 Apple iOS 5.1.x版本和6.x至6.1.3版本中的dyld中的dyld.cpp中的‘openSharedCacheFile’函数中存在基于栈的缓冲区溢出漏洞。攻击者可通过DYLDSHAREDCACHEDIR环境变量中较长的字符串利用该漏洞实施越狱攻击。 0 Apple iOS 5.1.x Apple iOS 6.x Apple iOS 6.1.3...

Stack overflow

Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLDSHAREDCACHEDIR environment variable...

CVE-2013-3950

Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLDSHAREDCACHEDIR environment variable...

Design/Logic Flaw

Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable...