23 matches found
RHEL 5 : xsa276_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa276 xen: resource accounting issues in x86 IOREQ server handling XSA-276 CVE-2018-19963 Note that Nessus has not...
RHEL 5 : xsa243_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa243 xen: x86: Incorrect handling of self-linear shadow mappings with translated guests XSA-243 CVE-2017-15592 No...
RHEL 5 : xsa240_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa240 xen: Unlimited recursion in linear pagetable de-typing XSA-240 CVE-2017-15595 Note that Nessus has not teste...
RHEL 5 : mysql-connector-odbc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mysql-connector-odbc: An unauthenticated attacker with network access can, via multiple protocols compromise MySQL...
RHEL 5 : vim_neovim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - vim/neovim: ':source!' command allows arbitrary command execution via modelines CVE-2019-12735 Note that Nessus has...
RHEL 5 : xsa233_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xsa233 xen: cxenstored: Race in domain cleanup XSA-233 CVE-2017-14317 Note that Nessus has not tested for this issu...
RHEL 5 : ed (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ed: Invalid free in regex.c CVE-2017-5357 Note that Nessus has not tested for this issue but has instead relied on...
RHEL 5 : poppler (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - poppler: recursive function call in JBIG2Stream::readGenericBitmap in JBIG2Stream.cc causing denial of...
xglance-bin 11.00 - Privilege Escalation
Exploit Title: xglance-bin 11.00 - Privilege Escalation Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Date: 2020-02-01 Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclaimer: This exploit is for educational purpose only More details on...
Security Bulletin: A vulnerability in OpenSource GNU Glibc affect IBM Netezza Host Management
Summary OpenSource GNU Glibc is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-1000366 DESCRIPTION: Glibc could allow a local attacker to execute arbitrary code on the system, caused by a vulnerability that...
mysql55-mysql security update
5.5.40-2 filter perlGD from Requires perl-gd is not available for RHEL5 Resolves: 1160514 5.5.40-1 - Rebase to 5.5.40 Also fixes: CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6484 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555...
SuSE 10 Security Update : pcp (ZYPP Patch Number 8421)
pcp was updated to version 3.6.10 which fixes security issues and also brings a lot of new features. - Update to pcp-3.6.10. o Transition daemons to run under an unprivileged account. o Fixes for security advisory CVE-2012-5530: tmpfile flaws; bnc782967. o Fix pcp1 command short-form pmlogger...
GNU C library dynamic linker expands $ORIGIN in setuid library search path
Overview Certain versions of glibc unsafely handle the $ORIGIN ELF substitution sequence which can be exploited to gain local privilege escalation. Description Tavis Ormandy's advisory states: "$ORIGIN is an ELF substitution sequence representing the location of the executable being loaded in the...
GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation
GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation Source: http://marc.info/?l=full-disclosure&m=128776663124692&w=2 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads...
RHEL 5 : brltty (RHSA-2010:0181)
Updated brltty packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Test Join combined dictionary to crack a Linux password-vulnerability warning-the black bar safety net
The test environment, the RHEL5 system, The system root account a self-built account icnpunk one. root@localhost run ./ unshadow /etc/passwd /etc/shadow /tmp/passwd root@localhost run vim /tmp/passwd Delete not used rows, leaving only the need to hack the account:...
Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable
Title says it all, exploit is at: http://grsecurity.net/spender/cheddarbay.tgz Everything is described and explained in the exploit.c file. I exploit a bug that by looking at the source is unexploitable; I defeat the null ptr dereference protection in the kernel on both systems with SELinux and...
Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day
No description provided by source. / super fun 2.6.30+/RHEL5 2.6.18 local kernel exploit in /dev/net/tun A vulnerability which, when viewed at the source level, is unexploitable! But which, thanks to gcc optimizations, becomes exploitable : Also, bypass of mmap_min_addr via SELinux vulnerability!...
Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day
Exploit for linux platform in category local exploits. Linux 2.6.30+/SELinux/RHEL5 Test Kernel Local Root Exploit 0day / super fun 2.6.30+/RHEL5 2.6.18 local kernel explo...
CVE-2008-4993
qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file...