11 matches found
EUVD-2017-6181
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-14681
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitra...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
P3Scan Design Vulnerabilities
P3Scan is a proxy server for email that scans for worms, Trojans and other malicious emails. A security vulnerability exists in daemon in P3Scan 3.0rc1 and earlier versions, which stems from the creation of the p3scan.pid file after the program has downgraded an account to non-root privileges. A...
UBUNTU-CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
Command injection
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
CVE-2017-14681 affects the P3Scan daemon (3.0_rc1 and earlier). The issue arises after the process downgrades to a non‑root account, where a non‑root user could modify the p3scan.pid file, potentially allowing them to terminate arbitrary processes via a root script that executes kill cat /pathnam...