38 matches found
CLSA-2026-1778253061 Fix CVE(s): CVE-2026-27447
SECURITY UPDATE: fix authorization bypass in cupsd caused by case-insensitive comparison of local user and group names. - debian/patches/CVE-2026-27447.patch: compare usernames against the canonical pwname from getpwnam with strcmp in cupsdCheckGroup and cupsdIsAuthorized in scheduler/auth.c;...
uutils coreutils has an Untrusted Search Path
A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...
GHSA-MH5C-XRMH-M794 uutils coreutils has an Untrusted Search Path
A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...
CVE-2026-35368
CVE-2026-35368 describes a local privilege-escalation in the chroot utility of the uutils coreutils when using the --userspec option. The issue arises because the utility resolves the user via getpwnam() after entering the chroot but before dropping root privileges. On glibc-based systems, this c...
EUVD-2006-2065
Malware in sbrugna...
EUVD-2010-0047
Malware in sbrugna...
EUVD-2015-7431
Malware in sbrugna...
SUSE CVE-2010-0015
nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...
SUSE CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...
Systemd Stack Buffer Overflow Vulnerability
systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A stack buffer overflow vulnerability...
CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...
UBUNTU-CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...
CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...
DEBIAN-CVE-2015-7510
Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...
AIX 6.1 TL 7 : bos.rte.security (U838721)
The remote host is missing AIX PTF U838721, which is related to the security of the package bos.rte.security. AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local...
AIX 7.1 TL 1 : ldapauth (IV18464)
AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...
AIX 6.1 TL 7 : ldapauth (IV18637)
AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...
AIX 6.1 TL 6 : ldapauth (IV19077)
AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...
AIX 6.1 TL 5 : ldapauth (IV19097)
AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...
IBM AIX 'getpwnam()'本地权限提升漏洞(CVE-2012-0745)
BUGTRAQ ID: 53393 CVE ID: CVE-2012-0745 AIX是一个基于开放标准的UNIX操作系统,为用户提供企业信息技术基础架构。 IBM AIX 5.3、6.1、7.1在实现上存在本地权限提升漏洞,本地攻击者可利用此漏洞获取提升的权限。 0 IBM AIX 7.1 IBM AIX 6.1 IBM AIX 5.3 厂商补丁: IBM --- IBM已经为此发布了一个安全公告(ldapauthadvisory2)以及相应补丁: ldapauthadvisory2:Vulnerability in LDAP Authentication...