Lucene search
K

631 matches found

OSV
OSV
added 2016/03/15 12:28 p.m.5 views

USN-2933-1 exim4 vulnerabilities

It was discovered that Exim incorrectly filtered environment variables when used with the perlstartup configuration option. If the perlstartup option was enabled, a local attacker could use this issue to escalate their privileges to the root user. This issue has been fixed by having Exim clean th...

7CVSS7.3AI score0.05901EPSS
Exploits13References3
ArchLinux
ArchLinux
added 2015/07/24 12:0 a.m.38 views

libuser: multiple issues

CVE-2015-3245 denial of service It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...

7.2CVSS2.3AI score0.06797EPSS
Exploits10References3
Tenable Nessus
Tenable Nessus
added 2015/06/15 12:0 a.m.19 views

FreeBSD : security/ossec-hids-* -- root escalation via syscheck feature (c470db07-1098-11e5-b6a8-002590263bf5)

OSSEC reports : The CVE-2015-3222 vulnerability, which allows for root escalation via sys check has been fixed in OSSEC 2.8.2. This issue does not affect agents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

7CVSS6.8AI score0.01991EPSS
Exploits4References5
Packet Storm
Packet Storm
added 2015/06/12 12:0 a.m.47 views

OSSEC 2.8.1 Local Root Escalation

Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that monitors file changes on a system, called...

5.3CVSS6.9AI score0.01991EPSS
Exploits4
0day.today
0day.today
added 2015/06/11 12:0 a.m.156 views

OSSEC 2.7 <= 2.8.1 - Local Root Escalation Vulnerability

Exploit for linux platform in category local exploits Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon th...

6.9CVSS0.01991EPSS
Exploits4
exploitpack
exploitpack
added 2015/06/11 12:0 a.m.26 views

OSSEC 2.7 2.8.1 - diff Local Privilege Escalation

OSSEC 2.7 2.8.1 - diff Local Privilege Escalation Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that...

6.9CVSS0.7AI score0.01991EPSS
Exploits4
Exploit DB
Exploit DB
added 2015/06/11 12:0 a.m.42 views

OSSEC 2.7 &lt; 2.8.1 - &#039;diff&#039; Local Privilege Escalation

Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that monitors file changes on a system, called...

7CVSS7AI score0.01991EPSS
Exploits4
FreeBSD
FreeBSD
added 2015/06/11 12:0 a.m.22 views

security/ossec-hids-* -- root escalation via syscheck feature

OSSEC reports: The CVE-2015-3222 vulnerability, which allows for root escalation via sys check has been fixed in OSSEC 2.8.2. This issue does not affect agents...

7CVSS6.8AI score0.01991EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2014/09/12 12:0 a.m.24 views

FreeBSD : security/ossec-hids-* -- root escalation via temp files (36858e78-3963-11e4-ad84-000c29f6ae42)

OSSEC reports : This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just...

7.2CVSS5.5AI score0.02497EPSS
Exploits3References3
FreeBSD
FreeBSD
added 2014/09/09 12:0 a.m.30 views

security/ossec-hids-* -- root escalation via temp files

OSSEC reports: This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just...

7.2CVSS6.4AI score0.02497EPSS
Exploits3References1
Debian
Debian
added 2014/08/11 8:10 p.m.12 views

[SECURITY] [DSA 2984-2] acpi-support regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-2984-2 [email protected] http://www.debian.org/security/ Raphael Geissert August 11, 2014 http://www.debian.org/security/faq -...

7.2AI score
Exploits0
OSV
OSV
added 2014/08/11 12:0 a.m.13 views

DSA-2984-2 acpi-support - regression update

Bulletin has no description...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.20 views

Debian DSA-2984-1 : acpi-support - security update

CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUSSESSIONBUSADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

6.9CVSS5.6AI score0.00272EPSS
Exploits0References3
Debian
Debian
added 2014/07/22 5:54 p.m.18 views

[SECURITY] [DSA 2984-1] acpi-support security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2984-1 [email protected] http://www.debian.org/security/ Luciano Bello July 22, 2014 http://www.debian.org/security/faq -...

6.9CVSS6.3AI score0.00272EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/07/22 12:0 a.m.24 views

Debian Security Advisory DSA 2984-1 (acpi-support - security update)

CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUSSESSIONBUSADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script. OpenVAS Vulnerability Test $Id: deb2984.nasl 6724 2017-07-14 09:57:17Z teissa $...

6.9CVSS0.2AI score0.00272EPSS
Exploits0References1
OSV
OSV
added 2014/07/22 12:0 a.m.11 views

DSA-2984-1 acpi-support - security update

Bulletin has no description...

6.9CVSS6.3AI score0.00272EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.16 views

Debian: Security Advisory (DSA-2984-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.5AI score0.00272EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

ContentKeeper Web Remote Command Execution

No description provided by source. $Id: contentkeeperwebmimencode.rb 10617 2010-10-09 06:55:52Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/09/17 12:0 a.m.39 views

Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

7.2CVSS0.9AI score0.08128EPSS
Exploits11
0day.today
0day.today
added 2013/09/17 12:0 a.m.64 views

Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

This Metasploit module abuses a command injection on the clearkeys.pl perl script, installed with the Sophos Web Protection Appliance, to escalate privileges from the "spiderman" user to "root". This Metasploit module is useful for post exploitation of vulnerabilities on the Sophos Web Protection...

7.2CVSS7.1AI score0.08128EPSS
Exploits11
Rows per page
Query Builder