Lucene search
K

24 matches found

RedHat Linux
RedHat Linux
added 2009/01/08 3:47 p.m.5 views

kernel: open() call allows setgid bit when user is not in new file's group

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...

4.6CVSS7.1AI score0.02141EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2008/10/03 12:0 a.m.2 views

PT-2008-5180 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.19 Description: The issue allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to...

7.1CVSS6.3AI score0.03209EPSS
Exploits5References174
securityvulns
securityvulns
added 2003/05/03 12:0 a.m.29 views

HP-UX 11.0 /usr/bin/kermit

Hi! There are many buffer overflows in kermit on HP-UX 11.0 . I am sure it is vulnerable in other HP-UX versions, too, since "C-Kermit 6.0.192, 6 Sep 96, for HP-UX 10.00" is installed in HP-UX 11.0 by default. /usr/bin/kermit is setuid to bin and setgrp to daemon, so upon succesfull exploitation,...

7.8AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.26 views

CVE-2002-2334

Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users...

3.6CVSS7.1AI score0.00295EPSS
Exploits0References3
Rows per page
Query Builder