739 matches found
CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the 1 setuid, 2 setgid, or 3 setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
Design/Logic Flaw
lighttpd before 1.4.33 does not check the return value of the 1 setuid, 2 setgid, or 3 setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the 1 setuid, 2 setgid, or 3 setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the 1 setuid, 2 setgid, or 3 setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
[SECURITY] [DSA 2795-1] lighttpd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2795-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 13, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2795-2 (lighttpd - several vulnerabilities)
Several vulnerabilities have been discovered in the lighttpd web server. It was discovered that SSL connections with client certificates stopped working after the DSA-2795-1 update of lighttpd. An upstream patch has now been applied that provides an appropriate identifier for client certificate...
[SECURITY] [DSA 2795-1] lighttpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2795-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 13, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2795-1] lighttpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2795-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 13, 2013 http://www.debian.org/security/faq -...
Amazon Linux AMI : dbus (ALAS-2012-128)
It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running a setuid or setgid application linked against the...
Oracle Linux 5 : acpid (ELSA-2009-1642)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-1642 advisory. 1.0.4-9.el54.1 - Resolves: 515062 CVE-2009-4033 acpid: log file created with random permissions Tenable has extracted the preceding description block directly...
Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root
!/bin/sh + Glibc /tmp/payload.c /dev/null echo "+ Filling the lib file with lib contents." cat /tmp/exploit /lib/sploit.so rm /tmp/payload.c /tmp/exploit echo "+ Executing payload.." LDAUDIT="sploit.so" ping...
RHEL 5 : kernel (RHSA-2010:0079)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel...
CentOS Update for dbus CESA-2012:1261 centos6
Check for the Version of dbus OpenVAS Vulnerability Test CentOS Update for dbus CESA-2012:1261 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : rpm on SL4.x i386/x86_64
It was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading or removing packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set,...
Scientific Linux Security Update : rpm on SL5.x i386/x86_64
It was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the...
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
These new kernel packages contain fixes for the security issues described below : - a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potential remote access. Exploitation would require the attacker to be able to send arbitrary frames over the ISDN netwo...
CentOS Update for glibc CESA-2011:0412 centos5 x86_64
Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2011:0412 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
linux/x86 shellcode - setuid(0)+setgid(0)+add user iph without password - 124 bytes
/ Exploit Title: Linux/x86 Polymorphic ShellCode - setuid0+setgid0+add user 'iph' without password to /etc/passwd setuid - setgid - open - write - close - exit Date: 30/12/2011 Author: pentesters.ir Tested on: Linux x86 - CentOS 6.0 - 2.6.32-71 Website: http://pentesters.ir/ Contact:...
Linux/x86 Polymorphic ShellCode - setuid0+setgid0+add user 'iph' without password to /etc/passwd
Linux/x86 Polymorphic ShellCode - setuid0+setgid0+add user 'iph' without password to /etc/passwd. Shellcode exploit for linx86 platform / Exploit Title: Linux/x86 Polymorphic ShellCode - setuid0+setgid0+add user 'iph' without password to /etc/passwd setuid - setgid - open - write - close - exit...
Trend Micro InterScan Web Security Suite Local Privilege Escalation
Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...