6 matches found
Network Manager VPNC 1.2.6 - 'Username' Local Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Network Manager VPNC Username Privilege Escalation', 'Description' = %q This module exploits an injection vulnerability in the Network Manager VP...
Network Manager VPNC Username Privilege Escalation
This module exploits an injection vulnerability in the Network Manager VPNC plugin to gain root privileges. This module uses a new line injection vulnerability in the configured username for a VPN network connection to inject a Password helper configuration directive into the connection...
DEBIAN-CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
UBUNTU-CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
Network Manager VPNC Elevation of Privilege Vulnerability
Network Manager VPNC plugin networkmanager-vpnc is a virtual network manager that supports connection to Cisco VPN. A security vulnerability exists in the Network Manager VPNC plugin prior to version 1.2.6, which stems from a newline character that can be used to inject the password helper...