21 matches found
CVE-2024-34313
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint...
EUVD-2004-0125
Malware in sbrugna...
EUVD-2024-23243
Malicious code in bioql PyPI...
CVE-2024-34313
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint...
PT-2024-25785 · Unknown · Vpl Jail System
Name of the Vulnerable Software and Affected Versions: VPL Jail System versions up to 4.0.2 Description: The issue allows attackers to execute a directory traversal via a crafted request to a public endpoint. Recommendations: For VPL Jail System versions up to 4.0.2, update to a version later tha...
CVE-2024-34313
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint...
CVE-2024-34313
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint...
VPL-JAIL-SYSTEM Security Vulnerability
VPL-JAIL-SYSTEM is a library by the individual developer of jcrodriguez-dis. Provides an execution sandbox for the VPL Moodle plugin. A security vulnerability exists in VPL-JAIL-SYSTEM v4.0.2 and earlier versions, which stems from a path traversal issue...
CVE-2024-34313
Summary: CVE-2024-34313 affects VPL Jail System up to v4.0.2. A path traversal flaw in the jail server allows an attacker to craft requests to a public endpoint to write arbitrary files to the host filesystem, enabling potential privilege escalation (e.g., via overwriting /etc/ld.so.preload). The...
Exploit for CVE-2024-34313
CVE-2024-34313 !Producthttps://img.shields.io/badge/produc...
CVE-2024-25941
The jail2 system call has not limited a visiblity of allocated TTYs the kern.ttys sysctl. This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "psta...
Design/Logic Flaw
The jail2 system call has not limited a visiblity of allocated TTYs the kern.ttys sysctl. This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "psta...
CVE-2024-25941
The CVE-2024-25941 issue affects FreeBSD jail(2): the kern.ttys visibility is not limited, enabling an information leak of TTYs from the host or other jails. Exploitation details in the FreeBSD SA-24:02.tty advisory describe the vulnerability and its impact, with attackers potentially reading how...
FreeBSD : FreeBSD -- jail(2) information leak (46a29f83-cb47-11ee-b609-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 46a29f83-cb47-11ee-b609-002590c1f29c advisory. - The jail2 system call has not limited a visiblity of allocated TTYs the kern.ttys sysctl. This gives...
FreeBSD Security Advisory (FreeBSD-SA-10:04.jail.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:04.jail.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
FreeBSD Security Advisory (FreeBSD-SA-05:17.devfs.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:17.devfs.asc ADV FreeBSD-SA-05:17.devfs.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft...
CVE-2004-0125
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table...
CVE-2004-0125
The CVE-2004-0125 issue affects the FreeBSD jail subsystem (jail(2)) in FreeBSD 4. x prior to 4.10-RELEASE. A programming error failed to verify that routing-table manipulation originated from a jailed process, allowing a privileged jailed process to modify the host’s routing tables. This could c...
CVE-2004-0125
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table...
FreeBSD-SA-04:12.jailroute
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:12.jailroute Security Advisory The FreeBSD Project Topic: Jailed processes can manipulate host routing tables Category: core Module: kernel Announced: 2004-06-...