41 matches found
EUVD-2017-11154
Malware in sbrugna...
EUVD-2004-0404
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-20148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because ...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
GLSA-202209-10 : Logcheck: Root privilege escalation
The remote host is affected by the vulnerability described in GLSA-202209-10 Logcheck: Root privilege escalation - In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive...
Logcheck: Root privilege escalation
Background Logcheck mails anomalies in the system logfiles to the administrator. Description The pkgpostinst phase of the Logcheck ebuilds recursively chown the /etc/logcheck and /var/lib/logcheck directories. If the logcheck adds hardlinks to other files in these directories, the chown call will...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
Privilege escalation
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
UBUNTU-CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
CVE-2017-20148
CVE-2017-20148 affects Gentoo Logcheck prior to patching: the ebuild logcheck-1.3.23.ebuild allows root privilege escalation from the logcheck user due to insecure recursive chown calls in pkg_postinst. The vulnerability arises in the Logcheck component installed on Gentoo systems, enabling a loc...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
PT-2022-8014 · Logcheck · Logcheck
Name of the Vulnerable Software and Affected Versions: Logcheck versions through 1.3.23 Description: The issue allows for root privilege escalation from the logcheck user due to insecure recursive chown calls in the ebuild package for Logcheck on Gentoo. Recommendations: For versions through...
Gentoo 安全漏洞
Gentoo is an open source Linux system from the Gentoo Foundation. A security vulnerability exists in Gentoo logcheck-1.3.23.ebuild and earlier versions, which originates from an attacker being able to perform a root privilege elevation via "chown -R" in pkgpostinst...
AlienVault OSSIM and USM Authentication Bypass Vulnerability
AlienVault OSSIM and USM are both products of AlienVault Corporation, U.S.A. OSSIM is an open source security information management system. USM is a security management platform that provides security monitoring, security event management and reporting, and threat awareness system. A security...
CVE-2016-7955
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report...
CVE-2016-7955
The logcheck function in session.inc in AlienVault OSSIM before 5.3.1, when an action has been created, and USM before 5.3.1 allows remote attackers to bypass authentication and consequently obtain sensitive information, modify the application, or execute arbitrary code as root via an "AV Report...