CVE-2018-13108

All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP e.g., VoIP credentials or attack th...

openSUSE Security Update : pam_kwallet (openSUSE-2018-423)

This update for pamkwallet fixes the following issues : Security issue fixed : - CVE-2018-10380: Fix local root vulnerability boo1090863. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

ISPConfig 3.0.54p1 - Authenticated Admin Local root Vulnerability

Exploit for linux platform in category web applications While logged in as admin user: 1 add a shell user 2 under option set gid to ispconfig 3 log in as that user 4 edit /usr/local/ispconfig/interface/lib/lang/en.lng with system$GET'cmd'; 5 browse to: http://server:8080/index.php?cmd=echo...

SCO UnixWare Merge mcd Local Root Exploit

No description provided by source. / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include errno.h include sys/stat.h...

Mandrake Linux Security Advisory : printer-filters-utils (MDKSA-2005:239)

'newbug' discovered a local root vulnerability in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable, allowing the possibility for a local user to gain root privileges. Mandriva encourages all users to upgrade immediately. The updated packages have been...

local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5

Suresec security advisory 1 Release date: 27th March 2005 CVE ID: CAN-2005-0750 Linux kernel local root vulnerability About the linux kernel: The linux kernel is a widely used kernel which is unix based. Vulnerability summary: The linux kernel has support for bluetooth. A local root security...

Possible local root vulnerability in Roxio Toast on Mac OS X

Possible local root vulnerability in Roxio Toast on Mac OS X By fintler [email protected] Summary: There is a format string bug in the binary /Library/Application Support/Roxio/TDIXSupport. It is installed suid root by default and may be exploited by finding the offset and overwriting the stack...

Debian DSA-095-1 : gpm - local root vulnerability

The package 'gpm' contains the gpm-root program, which can be used to create mouse-activated menus on the console. Among other problems, the gpm-root program contains a format string vulnerability, which allows an attacker to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security,...

GLSA-200409-18 : cdrtools: Local root vulnerability in cdrecord if set SUID root

The remote host is affected by the vulnerability described in GLSA-200409-18 cdrtools: Local root vulnerability in cdrecord if set SUID root Max Vozeler discovered that the cdrecord utility, when set to SUID root, fails to drop root privileges before executing a user-supplied RSH program. By...

SUS: Local root vulnerability

Background SUS is a utility that allows regular users to be able to execute certain commands as root. Description Leon Juranic found a bug in the logging functionality of SUS that can lead to local privilege escalation. A format string vulnerability exists in the log function due to an incorrect...

cdrdao.sh

!/bin/sh DIR=pwd echo "" echo "cdrdao local root exploit - gr doesn't protect you this time" echo "Karol Wiêsek " echo "" sleep 2 umask 000 echo -n " Checking if /etc/ld.so.preload doesn't exist ... " if -f /etc/ld.so.preload ; then echo "WRONG" echo "/etc/ld.so.preload exists, write another...

[Full-Disclosure] IFH-ADV-31339 Exploitable Buffer Overflow in gv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Exploitable Buffer Overflow in gv Infohacking Security Advisory 08.04.04 www.infohacking.com Aug 04, 2004 I. BACKGROUND Infohacking team me and myself discovered a new and unreported local root vulnerability in gv. II. DESCRIPTION The gv program that ...

[Full-Disclosure] OSX Panther Internet Connect Vulnerability.

Apple OSX Panther Internet Connect - Local root Vulnerability. ============================================================== Date: 25.07.2004 Author: B-r00t. 2004. Email: B-r00t [email protected] Vendor: Apple Operating System: OSX Panther Possibly Previous Versions. Application: Internet...

applePanther.txt

Apple OSX Panther Internet Connect - Local root Vulnerability. ============================================================== Date: 25.07.2004 Author: B-r00t. 2004. Email: B-r00t Vendor: Apple Operating System: OSX Panther Possibly Previous Versions. Application: Internet Connect.app Tested:...

[Full-Disclosure] MDKSA-2004:016 - Updated mtools packages fix local root vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrake Linux Security Update Advisory Package name: mtools Advisory ID: MDKSA-2004:016 Date: February 25th, 2004 Affected versions: 9.2 Problem Description: Sebastian Krahmer found that the mformat program, when installed suid root, can create any...

Local root vuln in kpopup

A local root vuln exists in Kpopup version 0.9.1latest and proberly all other versions. It is avaliable from http://www.henschelsoft.de/kpopupen.html main site http://www.freebsd.org/ports/net.html and many other places if you search kpopup on google. I. BACKGROUND Kpopup is a KDE program for...

BAZARR FAREWELL

/ traceroute local root advisory / / by: bazarr / / [email protected] / / bazarr episode / ------------------ PREFACE its me bazarr. i dont use ziplip anymore. resend any emails sent to bazarr@ziplip to [email protected] if i dident respond to them. this is a local root vulnerability in the...

linux kmod/ptrace bug - details

Hello There are many discussions on slashdot for example on the recent linux ptrace & kmod bug. I'll try to clarify what is this all about. It's a local root vulnerability. It's exploitable only if: 1. the kernel is built with modules and kernel module loader enabled and 2...

Mandrake 9.0 local root exploit

------------------------------------------------------------------------------------------------------------------ Priv8 Security - www.priv8security.com priv8mdk90.tar.gz - Mandrake 9.0 local root exploit Based on Idefense adv. http://www.idefense.com/advisory/01.21.03.txt Greets to : coideloko,...

New Kismet Packages available - SayText() and suid kismet_server issues

I have discovered 2 potentially exploitable holes in the wireless sniffer package Kismet. Both issues have been addressed by the author. I am in the process of determining if the local command line overflow is exploitable or not. The other issue may be dependant on if your OS will allow you to...