Lucene search
K

5 matches found

OSV
OSV
added 2009/01/21 12:0 a.m.17 views

DSA-1709-1 shadow - privilege escalation

Bulletin has no description...

7.2CVSS6.3AI score0.00949EPSS
Exploits1
securityvulns
securityvulns
added 2008/12/01 12:0 a.m.61 views

/bin/login gives root to group utmp

There is a group-utmp-to-root privilege escalation vulnerability in /bin/login in Debian, and I expect in all other Linux distros. For details and exploit please see http://bugs.debian.org/505271 Currently am not aware of any group utmp issues that could be leveraged to get root. Cheers, Paul Sza...

1.9AI score
Exploits0
securityvulns
securityvulns
added 2005/10/04 12:0 a.m.41 views

[SA17023] GNOME libzvt "gnome-pty-helper" Hostname Spoofing

TITLE: GNOME libzvt "gnome-pty-helper" Hostname Spoofing SECUNIA ADVISORY ID: SA17023 VERIFY ADVISORY: http://secunia.com/advisories/17023/ CRITICAL: Not critical IMPACT: Spoofing WHERE: Local system SOFTWARE: GNOME 2.x http://secunia.com/product/3277/ DESCRIPTION: Paul Szabo has reported a...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.28 views

Mandrake Linux Security Advisory : gzip (MDKSA-2003:068)

A vulnerability exists in znew, a script included with gzip, that would create temporary files without taking precautions to avoid a symlink attack. Patches have been applied to make use of mktemp to generate unique filenames, and properly make use of noclobber in the script. Likewise, a fix for...

2.1CVSS5.3AI score0.00446EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2000/12/22 12:0 a.m.26 views

ksh.temp-hole.txt

Author: Paul Szabo Recently I reported that, similarly to the recently discussed tcsh vulnerability, the Bourne shell /bin/sh creates temporary files in an insecure way: http://www.securityfocus.com/templates/archive.pike?list=1&msg=200011230225.N [email protected] At the time I als...

7.4AI score
Exploits0
Rows per page
Query Builder