
52 matches found

CISA KEV Catalog
added 2026/02/25 12:0 a.m., 12 views

Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability

Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability that could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system...

CVSS 10, AI score 5.8, EPSS 0.57793
In wild, Exploits 9

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2017-5166

Malware in sbrugna...

CVSS 5.5, AI score 5.5, EPSS 0.00284
Exploits 0, References 4

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-9473

Malware in sbrugna...

CVSS 7, AI score 6.9, EPSS 0.0041
Exploits 1, References 4

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-3356

Malware in sbrugna...

CVSS 7.8, AI score 7.4, EPSS 0.0109
Exploits 0, References 3

RedhatCVE
added 2025/08/30 6:19 p.m., 2 views

CVE-2025-20292

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

CVSS 4.4, AI score 7.2, EPSS 0.03221
Exploits 0, References 1

SUSE CVE
added 2023/02/15 4:42 a.m., 3 views

SUSE CVE-2017-12172

PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provid...

CVSS 7.3, AI score 9.8, EPSS 0.00586
Exploits 0, References 7

Debian
added 2020/03/31 1:17 p.m., 38 views

[SECURITY] [DLA 2163-1] tinyproxy security update

Package : tinyproxy Version : 1.8.3-3+deb8u1 CVE ID : CVE-2017-11747 Debian Bug : 870307 948283 A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after...

CVSS 5.5, AI score 5.8, EPSS 0.00292
Exploits 0

OSV
added 2018/10/19 8:29 a.m., 4 views

CVE-2017-18348

Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account to modify $SPLUNKHOME/etc/splunk-launch.conf and insert Trojan horse programs into $SPLUNKHOME/bin, becau...

CVSS 7, AI score 5.8, EPSS 0.0041
Exploits 1, References 3

Prion
added 2018/10/19 8:29 a.m., 19 views

Design/Logic Flaw

Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account to modify $SPLUNKHOME/etc/splunk-launch.conf and insert Trojan horse programs into $SPLUNKHOME/bin, becau...

CVSS 6.9, AI score 6.8, EPSS 0.0041
Exploits 1, References 3, Affected Software 1

Cvelist
added 2018/10/19 8:0 a.m., 19 views

CVE-2017-18348

Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account to modify $SPLUNKHOME/etc/splunk-launch.conf and insert Trojan horse programs into $SPLUNKHOME/bin, becau...

AI score 6.9, EPSS 0.0041
Exploits 1, References 3

Gentoo Linux
added 2018/04/22 12:0 a.m., 92 views

tenshi: Privilege escalation

Background A log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. Description It was discovered that the tenshi ebuild creates a tenshi.pid file after dropping privileges to a non-root account. Impact A loca...

CVSS 7.8, AI score 2.6, EPSS 0.0109
Exploits 0

OpenVAS
added 2018/02/06 12:0 a.m., 16 views

Debian: Security Advisory (DLA-1069-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.6, EPSS 0.0109
Exploits 0, References 3

Prion
added 2018/02/02 9:29 a.m., 12 views

Design/Logic Flaw

An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga2.pid modification before a root script...

CVSS 4.9, AI score 5.5, EPSS 0.00262
Exploits 0, References 1, Affected Software 1

UbuntuCve
added 2017/11/22 7:29 p.m., 42 views

CVE-2017-12172

PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provid...

CVSS 7.2, AI score 7, EPSS 0.00586
Exploits 0, References 1

NVD
added 2017/11/18 6:29 p.m., 22 views

CVE-2017-16882

Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account and similarly can have etc/icinga.cfg owned by a non-root account, which allows local users to gain privileges by leveraging access to this non-roo...

CVSS 7.8, AI score 7.6, EPSS 0.00311
Exploits 0, References 2

Prion
added 2017/11/18 6:29 p.m., 21 views

Design/Logic Flaw

Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account and similarly can have etc/icinga.cfg owned by a non-root account, which allows local users to gain privileges by leveraging access to this non-roo...

CVSS 4.6, AI score 7.5, EPSS 0.00332
Exploits 0, References 2, Affected Software 1

Cvelist
added 2017/11/18 6:0 p.m., 27 views

CVE-2017-16882

Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account and similarly can have etc/icinga.cfg owned by a non-root account, which allows local users to gain privileges by leveraging access to this non-roo...

AI score 7.7, EPSS 0.00311
Exploits 0, References 2

CVE
added 2017/11/18 6:0 p.m., 67 views

CVE-2017-16882

Technical specifics for CVE-2017-16882 are not provided in the connected documents. The initial entry notes a local privilege escalation in Icinga Core up to v1.14.0 via non-root-owned bin/icinga and icinga.cfg, with related components mentioned. Monitor for updates.

CVSS 7.8, AI score 7.6, EPSS 0.00311
Exploits 0, References 2, Affected Software 1

CNVD
added 2017/10/10 12:0 a.m., 1 views

Kannel Arbitrary Process Termination Vulnerability

Kannel is an open source WAP and SMS gateway from the Kannel team. A security vulnerability exists in Kannel 1.5.0 and earlier versions, which stems from a program that creates a PID file after downgrading an account to a non-root account. A local attacker can exploit the vulnerability to termina...

CVSS 7.8, AI score 7.3, EPSS 0.00407
Exploits 1, References 1

OSV
added 2017/09/20 6:29 p.m., 11 views

CVE-2017-14610

bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root scrip...

CVSS 7.8, AI score 6.8
Exploits 0, References 1