Lucene search
K

13 matches found

Rapid7 Blog
Rapid7 Blog
added 2023/12/22 4:32 p.m.111 views

Metasploit Weekly Wrap-Up

Getting Looney with Privilege Escalation As if Metasploit couldn’t get any loonier, this release adds a brand new exploit module for Glibc Tunables Privilege Escalation aka Looney Tunables. Now, using linux/local/glibctunablesprivesc, you can check your target’s glibc version to see if it’s...

7.5CVSS8.8AI score0.99999EPSS
Exploits44
CISA KEV Catalog
CISA KEV Catalog
added 2023/11/21 12:0 a.m.36 views

GNU C Library Buffer Overflow Vulnerability

GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBCTUNABLES environment variable, allowing a local attacker to execute code with elevated privileges...

7.8CVSS8AI score0.81422EPSS
In wildExploits26
GithubExploit
GithubExploit
added 2023/10/25 11:59 a.m.430 views

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911-Looney-Tunables Looney Tunables Local privilege...

7.8CVSS8AI score0.81422EPSS
Exploits26
OSV
OSV
added 2023/10/13 11:6 a.m.4 views

OESA-2023-1725 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

7.8CVSS7.7AI score0.81422EPSS
Exploits26References2
OSV
OSV
added 2023/10/13 11:6 a.m.2 views

OESA-2023-1724 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

7.8CVSS7.7AI score0.81422EPSS
Exploits26References2
SUSE CVE
SUSE CVE
added 2023/10/06 1:46 a.m.5 views

SUSE CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

8.4CVSS7.3AI score0.81422EPSS
Exploits26References4
RedHat Linux
RedHat Linux
added 2023/10/05 3:41 p.m.2 views

glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS7.2AI score0.81422EPSS
Exploits26References7
RedHat Linux
RedHat Linux
added 2023/10/05 2:14 p.m.3 views

glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS7.2AI score0.81422EPSS
Exploits26References7
RedHat Linux
RedHat Linux
added 2023/10/05 2:3 p.m.5 views

glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS7.2AI score0.81422EPSS
Exploits26References7
RedHat Linux
RedHat Linux
added 2023/10/05 1:11 p.m.4 views

glibc: buffer overflow in ld.so leading to privilege escalation

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS7.2AI score0.81422EPSS
Exploits26References7
BDU FSTEC
BDU FSTEC
added 2023/10/04 12:0 a.m.4 views

The vulnerability of the dynamic loader ld.so of the glibc library allows a attacker to execute arbitrary code with elevated privileges.

The vulnerability of the dynamic loader ld.so for the glibc library is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges by running binary files with SUID permissions and creating a variable environmen...

7.8CVSS7.7AI score0.81422EPSS
Exploits26References15Affected Software10
OSV
OSV
added 2023/10/03 6:15 p.m.6 views

AZL-31117 CVE-2023-4911 affecting package glibc for versions less than 2.35-5

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS7.1AI score0.81422EPSS
Exploits26References1
OSV
OSV
added 2023/10/03 6:4 p.m.4 views

USN-6409-1 glibc vulnerabilities

It was discovered that the GNU C Library incorrectly handled the GLIBCTUNABLES environment variable. An attacker could possibly use this issue to perform a privilege escalation attack. CVE-2023-4911 It was discovered that the GNU C Library incorrectly handled certain DNS responses when the system...

7.8CVSS6.7AI score0.81422EPSS
Exploits27References3
Rows per page
Query Builder