147 matches found
UBUNTU-CVE-2020-28007
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory owned by a non-root user, a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem...
DEBIAN-CVE-2021-27851
A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...
CVE-2021-27851
A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...
CVE-2021-27851
A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...
CVE-2021-27851 Local privilege escalation in GNU Guix via guix-daemon and '--keep-failed'
A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...
SUSE: Security Advisory (SUSE-SU-2019:2781-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Privilege Escalation
bullseye is vulnerable to privilege escalation.The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build directory world-writable. The user then creates a hardlink to a root-owned file such as /etc/shadow in that build directory. ...
CVE-2020-28935
A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...
CVE-2019-19792
A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files...
CVE-2019-19792
A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files...
F5 Networks BIG-IP : BIG-IP Edge Client for macOS vulnerability (K49827114)
BIG-IP Edge Client for macOS may allow unprivileged users to access files owned by the root account. CVE-2019-6668 Impact BIG-IP Edge Client may allow an unprivileged user on the affected macOS device to get ownership of files owned by the root account on the local client host. C Tenable Network...
CVE-2011-3349
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation...
openSUSE Security Update : nfs-utils (openSUSE-2019-2435)
This update for nfs-utils fixes the following issues : - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
OPENSUSE-SU-2019:2435-1 Security update for nfs-utils
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for nfs-utils (moderate)
openSUSE Security Update: Security update for nfs-utils Announcement ID: openSUSE-SU-2019:2435-1 Rating: moderate References: 1150733 Cross-References: CVE-2019-3689 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for nfs-uti...
openSUSE: Security Advisory for nfs-utils (openSUSE-SU-2019:2408-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for nfs-utils (moderate)
openSUSE Security Update: Security update for nfs-utils Announcement ID: openSUSE-SU-2019:2408-1 Rating: moderate References: 1150733 Cross-References: CVE-2019-3689 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for nfs-uti...
SUSE SLED15 / SLES15 Security Update : nfs-utils (SUSE-SU-2019:2782-1)
This update for nfs-utils fixes the following issues : CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automaticall...
SUSE-SU-2019:2782-1 Security update for nfs-utils
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733...
SUSE-SU-2019:2781-1 Security update for nfs-utils
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733...