10 matches found
EUVD-2016-1315
Malware in sbrugna...
EUVD-2005-4881
Malware in sbrugna...
RHEL 7 : coreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - coreutils: Non-privileged session can escape to the parent session in chroot CVE-2016-2781 - In GNU...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2020-1620)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2005-4890
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process...
AZL-6800 CVE-2016-2568 affecting package polkit 0.119-4
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
DEBIAN-CVE-2016-2568
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...
SUSE-SU-2017:0340-1 Security update for policycoreutils
This update for policycoreutils fixes the following issues: CVE-2016-7545: nonpriv session can escape to parent bsc1000998...
SUSE-SU-2017:0338-1 Security update for policycoreutils
This update for policycoreutils fixes the following issues: CVE-2016-7545: nonpriv session can escape to parent bsc1000998...
Input validation
An issue was discovered in Linux Containers LXC before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container...