corosync-qdevice bug fix and enhancement update

An update is available for corosync-qdevice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The corosync-qdevice package contains the Corosync Cluster Engine...

SUSE CVE-2007-3852

The init script sysstat.in in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code...

SUSE CVE-2008-0732

The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories...

SUSE CVE-2016-10089

Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641...

SUSE CVE-2017-14798

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root...

SUSE CVE-2020-12831

An issue was discovered in FRRouting FRR aka Free Range Routing through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some...

Metasploit Weekly Wrap-Up

Taking a stroll down memory lane Tomcat Init Script Privilege Escalation Do you remember the issue with Tomcat init script that was originally discovered by Dawid Golunski back in 2016 that led to privilege escalation? This week's Metasploit release includes an exploit module for CVE-2016-1240 by...

Apache Tomcat On Ubuntu Log Init Privilege Escalation

This exploit sample shows how an exploit module could be written to exploit a bug in a command on a linux computer for priv esc. class MetasploitModule 'Apache Tomcat on Ubuntu Log Init Privilege Escalation', 'Description' = %q Tomcat 6, 7, 8 packages provided by default repositories on...

Apache Tomcat On Ubuntu Log Init Privilege Escalation Exploit

This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account to escalate their privileges from the...

UBUNTU-CVE-2017-20147

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. By writing arbitrary PIDs to that file, the smokeping user can cause a denial of service to arbitrary PIDs when the service is stopped...

CVE-2022-38556

Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh...

D-Link DIR-845 授权问题漏洞

The D-Link DIR-845 is a wireless router from China-based AUO D-Link. An authorization issue vulnerability exists in the D-Link DIR-845 v1.00-v1.03 versions, which stems from a static default credentials vulnerability contained in /etc/init0.d/S80telnetd.sh...

TRENDnet TEW-733GR 授权问题漏洞

The TRENDnet TEW-733GR is a router from Trendnet. An authorization issue vulnerability exists in the TRENDnet TEW-733GR v1.03B01 release, which stems from the inclusion of a static default credentials vulnerability in /etc/init0.d/S80telnetd.sh...

PT-2022-24453 · Trendnet · Trendnet Tew733Gr

Name of the Vulnerable Software and Affected Versions: Trendnet TEW733GR version 1.03B01 Description: The issue concerns a Static Default Credential vulnerability. This vulnerability is located in the /etc/init0.d/S80telnetd.sh file. Recommendations: For Trendnet TEW733GR version 1.03B01, as a...

CVE-2022-28377

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of th...

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 - Remote Code Execution (RCE)

Exploit Title: Schneider Electric C-Bus Automation Controller 5500SHAC 1.10 - Remote Code Execution RCE Exploit Author: LiquidWorm !/usr/bin/env python3 -- coding: utf-8 -- Schneider Electric C-Bus Automation Controller 5500SHAC 1.10 Remote Root Exploit Vendor: Schneider Electric SE Product web...

Nord Security: NordVPN Linux Client - Unsafe service file permissions leads to Local Privilege Escalation

The Linux package available in NordVPN's repository is affected by a permission issue in init script and systemd unit files that allows any user on the system to execute arbitrary command as root. Tested Version Tested version is the latest available on the repository, which is 3.10.0 and is...

frr: default permission issue eases information leaks

An issue was discovered in FRRouting FRR aka Free Range Routing through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some...

USN-3081-2 tomcat6 vulnerability

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges...

USN-3081-2: Tomcat vulnerability

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges...