15 matches found
EUVD-2014-0511
Malware in sbrugna...
SYS.2.3.A15
Partitionen und Verzeichnisse, in denen Benutzer Schreibrechte haben, SOLLTEN so gemountet werden, dass keine Dateien ausgefuehrt werden koennen Mountoption SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
OPENSUSE-SU-2020:2046-1 Security update for dash
This update for dash fixes the following issues: - Fixed an issue where code was executed even if noexec '-n' was specified bsc1178978. This update was imported from the SUSE:SLE-15:Update update project...
SUSE-SU-2020:3480-1 Security update for dash
This update for dash fixes the following issues: - Fixed an issue where code was executed even if noexec '-n' was specified bsc1178978...
Linux: noexec option on /var/tmp
The noexec mount option specifies that the filesystem cannot contain special devices. Since the /var/tmp filesystem is not intended to support devices, set this option to ensure that users cannot attempt to create block or character special devices in /var/tmp. SPDX-FileCopyrightText: 2020...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
Input validation
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
Fedora 19 : chkrootkit-0.49-9.fc19 (2014-7090)
A quoting issue was found in chkrootkit which would lead to a file in /tmp/ being executed, if /tmp/ was mounted without the noexec option. chkrootkit is typically run as the root user. A local attacker could use this flaw to escalate their privileges. Note that Tenable Network Security has...
chkrootkit LTS security update
Package : chkrootkit Version : 0.49-4+deb6u1 CVE ID : CVE-2014-0476 Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option...
CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
UBUNTU-CVE-2014-0476
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...
Debian Security Advisory DSA 2945-1 (chkrootkit - security update)
Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option. OpenVAS Vulnerability Test $Id: deb2945.nasl 6637 2017-07-10 09:58:13Z teissa $ Auto-generated from advisory DSA 2945-1...
initramfs-tools weak permissions
/run is mounted withour noexec option...