Lucene search
K

142 matches found

Debian
Debian
added 2016/11/14 7:56 p.m.28 views

[SECURITY] [DLA 707-1] sudo security update

Package : sudo Version : 1.8.5p2-1+nmu3+deb7u2 CVE ID : CVE-2016-7032 CVE-2016-7076 Debian Bug : 842507 It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen or wordexp C library functions with a user supplied argument. A...

7.8CVSS8AI score0.00493EPSS
Exploits0
OSV
OSV
added 2016/11/14 12:0 a.m.27 views

DLA-707-1 sudo - security update

Bulletin has no description...

7.8CVSS7.3AI score0.00493EPSS
Exploits0
FreeBSD
FreeBSD
added 2016/10/28 12:0 a.m.55 views

sudo -- Potential bypass of sudo_noexec.so via wordexp()

Todd C. Miller reports: A flaw exists in sudo's noexec functionality that may allow a user with sudo privileges to run additional commands even when the NOEXEC tag has been applied to a command that uses the wordexp function...

7.8CVSS3.7AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/10/27 7:47 p.m.48 views

CVE-2016-7032

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system or popen C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw to execute...

7CVSS4.4AI score0.00337EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2016/10/27 7:47 p.m.19 views

CVE-2016-7076

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute...

7.8CVSS4.3AI score0.00493EPSS
Exploits0References2
Veeam
Veeam
added 2016/02/15 12:0 a.m.19 views

Script execution on Linux target fails with “Permission Denied” even when executed as root.

Challenge When interacting with Linux servers, Veeam Backup & Replication may encounter a "Permission Denied" error during script execution Pre-freeze, post-thaw, and repository data mover agent scripts, even when the account being used is the root user. Cause All script files are uploaded to and...

7.3AI score
Exploits0
0day.today
0day.today
added 2015/11/27 12:0 a.m.42 views

Linux 3.17 noexec Bypass with Python ctypes and memfd_create Vulnerability

Exploit for linux platform in category local exploits Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer 8600 Oct 14 15:04 execfil...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2015/10/15 12:0 a.m.9 views

Linux Kernel 3.17 - Python ctypes and memfd_create noexec File Security Bypass

Linux Kernel 3.17 - Python ctypes and memfdcreate noexec File Security Bypass Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/10/15 12:0 a.m.78 views

Linux Kernel 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass

Exploit Title: Linux = 3.17 noexec bypass with python ctypes and memfdcreate Date: 2015.10.14 Exploit Author: soyer Version: linux = 3.17 Tested on: Ubuntu 15.04 x8664 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer 8600 Oct 14 15:04 execfile $ ./execfile bash: ./execfile: Permission denied $...

7.4AI score
Exploits0
NVD
NVD
added 2014/10/25 10:55 p.m.23 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

3.7CVSS7AI score0.03828EPSS
Exploits6References8
OSV
OSV
added 2014/10/25 10:55 p.m.7 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

6.9AI score
Exploits0References8
Prion
Prion
added 2014/10/25 10:55 p.m.21 views

Input validation

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

3.7CVSS7.5AI score0.03828EPSS
Exploits6References8Affected Software2
Debian CVE
Debian CVE
added 2014/10/25 10:0 p.m.17 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

3.7CVSS6.9AI score0.03828EPSS
Exploits6
OSV
OSV
added 2014/08/18 11:15 a.m.2 views

DEBIAN-CVE-2014-5207

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...

6.2CVSS5.8AI score0.00888EPSS
Exploits6References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.39 views

chkrootkit 0.49 - Local Root Vulnerability

No description provided by source. We just found a serious vulnerability in the chkrootkit package, which may allow local attackers to gain root access to a box in certain configurations /tmp not mounted noexec. The vulnerability is located in the function slapper in the shellscript chkrootkit:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

Solaris 2.6/7.0 /locale Subsystem Format String

No description provided by source. / source: http://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.38 views

Fedora 19 : chkrootkit-0.49-9.fc19 (2014-7090)

A quoting issue was found in chkrootkit which would lead to a file in /tmp/ being executed, if /tmp/ was mounted without the noexec option. chkrootkit is typically run as the root user. A local attacker could use this flaw to escalate their privileges. Note that Tenable Network Security has...

3.7CVSS5.7AI score0.03828EPSS
Exploits6References4
Debian
Debian
added 2014/06/04 10:41 a.m.29 views

chkrootkit LTS security update

Package : chkrootkit Version : 0.49-4+deb6u1 CVE ID : CVE-2014-0476 Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option...

3.7CVSS6AI score0.03828EPSS
Exploits6
UbuntuCve
UbuntuCve
added 2014/06/04 12:0 a.m.30 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

3.7CVSS6.3AI score0.03828EPSS
Exploits6References2
OSV
OSV
added 2014/06/04 12:0 a.m.4 views

UBUNTU-CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option...

3.7CVSS6.3AI score0.03828EPSS
Exploits6References3
Rows per page
Query Builder