2 matches found
CVE-2026-31979 himmelblaud-tasks: local privilege escalation via /tmp symlink attack on Kerberos ccache
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...
PT-2023-19967 · Nokia · Nokia Airscale Asika Single Ran +1
Name of the Vulnerable Software and Affected Versions: NOKIA Airscale ASIKA Single RAN devices versions prior to 21B Description: An issue was discovered in the Nokia BTS baseband unit diagnostic tool AaShell, which is disabled by default. If security hardenings are removed from a Nokia Single RA...