8 matches found
CVE-2021-28250
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid and/or setgid file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerability only affects products that ar...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3753-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3753-1 advisory. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could u...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3753-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3753-2 advisory. USN-3753-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
CVE-2010-2059
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable 1...
DEBIAN-CVE-2005-4889
lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid or 2 setgid file, a related issue to CVE-2010-2059...
CVE-2004-2768
dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid file, 2 setgid file, or 3 device, a related issue to CVE-2010-2059...
CVE-2004-2768
dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable 1 setuid file, 2 setgid file, or 3 device, a related issue to CVE-2010-2059...
kernel: bug in GFS/GFS2 locking code leads to dos
The gfs2lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfslock function in the Linux kernel on Red Hat Enterprise Linux RHEL 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a...