CVE-2017-5618
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...
GNU Screen 4.5.0 - Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits. Commit f86a374 "screen.c: adding permissions check for the logfile name", 2015-11-04. The check opens the logfile with full root privileges. This allows us to truncate any file or create a root-owned file with any contents in any directory and...
GNU Screen 4.5.0 - Local Privilege Escalation (PoC)
GNU Screen 4.5.0 - Local Privilege Escalation PoC. Commit f86a374 "screen.c: adding permissions check for the logfile name", 2015-11-04. The check opens the logfile with full root privileges. This allows us to truncate any file or create a root-owned file with any contents in any directory and can ...
GNU Screen 4.5.0 - Local Privilege Escalation (PoC)
Commit f86a374 "screen.c: adding permissions check for the logfile name", 2015-11-04. The check opens the logfile with full root privileges. This allows us to truncate any file or create a root-owned file with any contents in any directory and can be easily exploited to full root access in several...
Security update for icinga (important)
This update for icinga includes various upstream fixes and the following security fixes: - icinga was updated to version 1.14.0 - the classic-UI was vulnerable to a cross-site scripting attack CVE-2015-8010, boo952777 - A user with nagios privileges could have gained root privileges by...
Damon Database Management System DBA Account Remote Buffer Overflow Vulnerability
Damon Database Management System is a database management system introduced by Damon, abbreviated as DM. The latest version of Damon Database Management System, version 7.1.5.145, suffers from a buffer overflow vulnerability, where an attacker logging in with DBA privileges can cause the service ...
UBUNTU-CVE-2016-1255
The pgctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04...
CVE-2016-1255
The pgctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04...
Debian DLA-751-1 : nagios3 security update
Nagios was found to be vulnerable to two security issues that, when combined, lead to a remote root code execution vulnerability. Fortunately, the hardened permissions of the Debian package limit the effect of those to information disclosure, but privilege escalation to root is still possible...
Debian DLA-588-2 : mongodb security update
This is an update of DLA-588-1. The previous build had revision number that was considered lower than the one in wheezy and was therefore not installed at upgrade. The text for DLA-588-1 is included here for reference with some improvement. Two security related problems have been found in the...
[SECURITY] [DLA 588-1] mongodb security update
Package: mongodb; Version: 2.0.6-1+deb7u1; CVE ID: CVE-2016-6494; Debian Bug: 832908, 833087. Two security related problems have been found in the mongodb package, related to logging. CVE-2016-6494: World-readable .dbshell history file. TEMP-0833087-C5410D: Bruteforcable challenge responses in...
OracleVM 3.2 : xen (OVMSA-2016-0090)
The remote OracleVM system is missing necessary patches to address critical security updates: - x86/HVM: correct CPUID leaf 80000008 handling - 6c733e54 xsa173010001-x86-HVM-correct-CPUID-leaf-80000008-handling.patch was based on upstream commit: ef437690af8b75e6758dce77af75a22b63982883 x86/HVM...
openSUSE Security Update : ntp (openSUSE-2016-649)
This update for ntp fixes the following issues : - Update to 4.2.8p7 boo977446 : - CVE-2016-1547, boo977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, boo977461: Interleave-pivot - CVE-2016-1549, boo977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550,...
Unrestricted qemu logging
ISSUE DESCRIPTION: When the libxl toolstack launches qemu for HVM guests, it pipes the output of stderr to a file in /var/log/xen. This output is not rate-limited in any way. The guest can easily cause qemu to print messages to stderr, causing this file to become arbitrarily large. IMPACT: The disk...
xen-tools -- Unrestricted qemu logging
The Xen Project reports: When the libxl toolstack launches qemu for HVM guests, it pipes the output of stderr to a file in /var/log/xen. This output is not rate-limited in any way. The guest can easily cause qemu to print messages to stderr, causing this file to become arbitrarily large. The disk...
Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes)
/ ; Exploit Title: All windows null free shellcode - primitave keylogger to file - 431 0x01AF bytes ; Date: Sat Apr 23 18:34:25 GMT 2016 ; Exploit Author: Fugu ; Vendor Homepage: www.microsoft.com ; Version: all afaik ; Tested on: Win7 im guessing it will work on others ; Note: it will write to...
iThemes Security <= 5.3.0 - Insecure Backup/Logfile Generation
The iThemes Security formerly Better WP Security WordPress plugin was affected by an Insecure Backup/Logfile Generation security vulnerability...
WordPress iThemes Security Insecure Backup / Logfile Generation
ISSUE 1: Wordpress iThemes Security Better WP Security Insecure Backup/Logfile Generation access rights. Description: A vulnerability has been found ...
Xceedium Xsuite Directory Traversal Vulnerability
Xceedium Xsuite is a unified identity management solution from Xceedium that provides access control, monitoring and logging capabilities for hybrid cloud environments. The solution supports access control policies based on roles or individual users. A directory traversal vulnerability exists in...
CVE-2015-4666
CVE-2015-4666 affects Xceedium Xsuite 2.4.4.5 and earlier, exposing a directory-traversal flaw in the opm/read_sessionlog.php script. The vulnerability allows unauthenticated users to read arbitrary files via the logFile parameter using a quadruple dot and slash pattern (....//), potentially expo...