20 matches found
EUVD-2006-2195
Malware in sbrugna...
EUVD-2014-0508
Malware in sbrugna...
Privilege Escalation
Super is vulnerable to privilege escalation. The vulnerability existed because it does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors...
CVE-2006-2916
A vulnerability was found in artswrapper in aRts. When running a setuid root, it does not check the return value of the setuid function call. This flaw allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Mitigation Mitigation for th...
CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
openSUSE Security Update : libgnomesu (openSUSE-SU-2011:0694-1)
The libgnomesu pam backend did not check the return value of the setuid functions. Local users could exploit that to gain root privileges CVE-2011-1946. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
Code injection
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
CVE-2014-0470
CVE-2014-0470 affects the Super package (version 3.30.0) where the setuid() return value is not checked when the -F flag is used, enabling local privilege escalation via an RLIMIT_NPROC scenario. Root cause: failure to verify setuid() result. Public references (e.g., Debian security advisory DSA-...
CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMITNPROC attack...
CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the 1 setuid, 2 setgid, or 3 setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the 1 setuid, 2 setgid, or 3 setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
Hiawatha 'setuid' Local Privilege Escalation
According to its server response header, the installed version of Hiawatha is a version prior to 1.0b. A flaw exists in the 'setuid' function that could allow a local attacker to gain elevated privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69036;...
CVE-2011-1946
gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of thes...
CVE-2011-1946
gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of thes...
linux/x86 setuid(0) & execve(/bin/sh 0 0) shellcode 28 bytes
No description provided by source. -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f lea eax,ecx+0Bh mov ebx,esp int 80h...
CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...