21 matches found
EUVD-2007-1853
Malware in sbrugna...
SUSE CVE-2007-1859
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a PoC exploit for CVE-2021-3156, a vulnerability in the GNU C Library glibc that allows for a buffer overflow attack. The exploit is written in C and is designed to work on Ubuntu 18.04 and 20.04 systems. The exploit creates a malicious shared library, "libnssX.so.2", that is designed to ...
SUSE SLED12 / SLES12 Security Update : sssd (SUSE-SU-2016:2579-1)
This update for sssd fixes one security issue and three bugs. The following vulnerability was fixed : - CVE-2014-0249: Incorrect expansion of group membership when encountering a non-POSIX group. bsc880245 The following non-security fixes were also included : - Prevent crashes of statically linke...
SuSE9 Security Update : xscreensaver (YOU Patch Number 12174)
Following security problem is fixed by this patch : - When getpwuid fails due to dropped network on NIS accounts fail instead of silently disabling locking and just blanking. CVE-2008-1683 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 10 Security Update : xscreensaver (ZYPP Patch Number 5334)
Following security problem is fixed by this patch : - When getpwuid fails due to dropped network on NIS accounts fail instead of silently disabling locking and just blanking. CVE-2008-1683 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
GLSA-200804-12 : gnome-screensaver: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200804-12 gnome-screensaver: Privilege escalation gnome-screensaver incorrectly handles the results of the getpwuid function in the file src/setuid.c when using directory servers like NIS during a network outage, a similar issue t...
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation
Gentoo Linux Security Advisory GLSA 200804-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
gnome-screensaver privilege escalation
getpwuid exceptional conditions are not handled...
gnome-screensaver: Privilege escalation
Background gnome-screensaver is a screensaver, designed to integrate with the Gnome desktop, that can replace xscreensaver. Description gnome-screensaver incorrectly handles the results of the getpwuid function in the file src/setuid.c when using directory servers like NIS during a network outage...
GLSA-200705-14 : XScreenSaver: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200705-14 XScreenSaver: Privilege escalation XScreenSaver incorrectly handles the results of the getpwuid function in drivers/lock.c when using directory servers during a network outage. Impact : A local user can crash XScreenSave...
XScreenSaver: Privilege escalation
Background XScreenSaver is a widely used screen saver collection shipped on systems running the X11 Window System. Description XScreenSaver incorrectly handles the results of the getpwuid function in drivers/lock.c when using directory servers during a network outage. Impact A local user can cras...
DEBIAN-CVE-2007-1859
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
CVE-2007-1859
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
CVE-2007-1859
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
CVE-2007-1859
XScreenSaver 4.10 is affected when using a remote directory service for credentials. The root cause is in drivers/lock.c where getpwuid handling can fail when there is no network connectivity, causing XScreenSaver to crash and unlock the screen, effectively allowing a local attacker to bypass aut...
CVE-2007-1859
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
CVE-2007-1859
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
xscreensaver authentication bypass
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...
perl getpwuid problem
Getpwuid call doesn't clode /etc/shadow, it leaves the possibility to access file descriptor after privelege are dropped...