11 matches found
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...
[SA19323] RunIt "chpst" Multiple Groups Handling Security Issue
TITLE: RunIt "chpst" Multiple Groups Handling Security Issue SECUNIA ADVISORY ID: SA19323 VERIFY ADVISORY: http://secunia.com/advisories/19323/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: runit 1.x http://secunia.com/product/8850/ DESCRIPTION: Tino Keitel ha...
RunIt chpst privilege escalation
It's possible to obtain root group privilege...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
DEBIAN-CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
Code injection
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
CVE-2006-1319 concerns chpst in runit 1.3.3-1 (Debian GNU/Linux) when compiled on little-endian i386 with dietlibc. The issue arises in how multiple groups are handled in the -u option, leading to incorrect permissions being assigned to the root group due to inconsistent gid_t bit sizes. Document...