CVE-2022-31594

A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system...

GLSA-202305-19 : Firejail: Local Privilege Escalation

The remote host is affected by the vulnerability described in GLSA-202305-19 Firejail: Local Privilege Escalation - A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a joi...

snap-confine must_mkdir_and_open_with_perms() Race Condition

Qualys Security Advisory Race condition in snap-confine's mustmkdirandopenwithperms CVE-2022-3328 ======================================================================== Contents ======================================================================== Summary Background Exploitation...

CVE-2022-31214

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PwnKit Vulnerability - Local Privilege Escalation - Title:...

Check Point Response to CVE-2021-4034 - local privilege escalation in polkit's pkexec

Symptoms - A Local Privilege Escalation from any user to root was discovered in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution. The vulnerability allows unprivileged users to run commands as privileged users according to predefined policies. Fo...

SUSE-SU-2020:1712-1 Security update for xawtv

This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open with ORDWR bsc1171655...

OPENSUSE-SU-2020:0787-1 Security update for xawtv

This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open with ORDWR boo1171655. This update was imported from the openSUSE:Leap:15.1:Update update project...

Security update for xawtv (moderate)

openSUSE Security Update: Security update for xawtv Announcement ID: openSUSE-SU-2020:0787-1 Rating: moderate References: 1171655 Cross-References: CVE-2020-13696 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

CVE-2020-13696

An issue was discovered in LinuxTV xawtv before 3.107. The function devopen in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to...

Microsoft to remove WoSign and StartCom certificates in Windows 10

Microsoft has concluded that the Chinese Certificate Authorities CAs WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program. Observed unacceptable security practices include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certifica...

HP-UX 10/11 NLSPATH Environment Variable Format String Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker could specify an arbitrary path...

Sudo 1.6.3 Unclean Environment Variable Root Program Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3871/info Sudo is a freely available, open source permissions management software package available for the Linux and Unix operating systems. It is maintained by Todd C. Miller. Under some circumstances, sudo does not...

Mis-issued ANSSI/DCSSI certificate — Mozilla

Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle MITM traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d'information ANSSI, an agency of t...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4186)

This kernel update fixes the following security problems : - The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers IPV6RTHDRTYPE0 that create network amplification between two routers. CVE-2007-2242 The default is that RH0 is disabled now. To...

Fedora Update for mod_auth_shadow FEDORA-2010-6359

Check for the Version of modauthshadow OpenVAS Vulnerability Test Fedora Update for modauthshadow FEDORA-2010-6359 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CVE-2009-2669

A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the 1 LIBINITDBG and 2 LIBINITDBGFILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, relate...

Переполнение буфера и символьные линки в msgchk под Digital Unix (buffer overflow, symbolink link)

Переполнение буфера в suid root программе, символьные линки позволяют прочитать первую строчку любого файла...

gpm 1.18.11.19 Debian 2.x RedHat 6.x S.u.S.E 5.36.x - gpm Setgid

gpm 1.18.11.19 Debian 2.x RedHat 6.x S.u.S.E 5.36.x - gpm Setgid source: https://www.securityfocus.com/bid/1069/info A vulnerability exists in the gpm-root program, part of the gpm package. This package is used to enable mice on the consoles of many popular Linux distributions. The problem is a...

IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (4)

// source: https://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LCMESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's...