4 matches found
systemd 246 - Local Privilege Escalation
Exploit Title: systemd 246 - Local Privilege Escalation Exploit Author: Iyaad Luqman K init6 Application: systemd 246 Tested on: Ubuntu 22.04 CVE: CVE-2023-26604 systemd 246 was discovered to contain Privilege Escalation vulnerability, when the systemctl status command can be run as root user. Th...
pam: pam_env and pam_mail accessing users' file with root privileges
The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...
USN-159-1: unzip vulnerability
If a ZIP archive contains binaries with the setuid and/or setgid bit set, unzip preserved those bits when extracting the archive. This could be exploited by tricking the administrator into unzipping an archive with a setuid-root binary into a directory the attacker can access. This allowed the...
CVE-2003-0261
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges...