Lucene search
K

34 matches found

UbuntuCve
UbuntuCve
added 2013/09/18 12:0 a.m.39 views

CVE-2013-1062

ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1...

4.6CVSS5.9AI score0.00358EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.24 views

Fedora 13 : nss_db-2.2.3-0.3.pre1.fc13 (2010-6203)

Stephane Chazelas reported that the nssdb module attempts to read a DBCONFIG file in the current directory when it is used. If the contents of the file can't be parsed properly, the copy of libdb which nssdb uses will print an error message. If nssdb is invoked from a setuid process, it may then...

1.9CVSS5.3AI score0.00376EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2009/11/03 6:21 p.m.2 views

kernel: /proc/$pid/maps visible during initial setuid ELF loading

The mmformaps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read 1 maps and 2 smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition...

2.1CVSS5.8AI score0.00393EPSS
Exploits1References4
Prion
Prion
added 2009/08/14 3:16 p.m.24 views

Race condition

The mmformaps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read 1 maps and 2 smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition...

2.1CVSS6AI score0.00393EPSS
Exploits1References17Affected Software1
CVE
CVE
added 2009/08/14 3:0 p.m.89 views

CVE-2009-2691

CVE-2009-2691 affects the Linux kernel (2.6.30.4 and earlier) via the mm_for_maps path in fs/proc/base.c, allowing a local attacker to read maps and smaps files under /proc during ELF loading for a setuid process, due to a race condition. Impact is information exposure (maps/smaps); exploitation ...

2.1CVSS6.3AI score0.00393EPSS
Exploits1References17Affected Software1
UbuntuCve
UbuntuCve
added 2009/08/10 12:0 a.m.30 views

CVE-2009-2691

The mmformaps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read 1 maps and 2 smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition...

2.1CVSS5.9AI score0.00393EPSS
Exploits1References1
seebug.org
seebug.org
added 2009/05/15 12:0 a.m.31 views

Linux Kernel 2.6.29 ptrace_attach() Local Root Race Condition Exploit

No description provided by source. / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that allows a process to gain elevated...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/05/14 12:0 a.m.38 views

Linux Kernel 2.6.29 ptrace_attach() Local Root Race Condition Exploit

Exploit for linux platform in category local exploits ===================================================================== Linux Kernel 2.6.29 ptraceattach Local Root Race Condition Exploit ===================================================================== / GNU/Linux kernel 2.6.29 ptraceatta...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2009/05/14 12:0 a.m.30 views

Linux Kernel 2.6.29 - ptrace_attach() Race Condition Privilege Escalation

Linux Kernel 2.6.29 - ptraceattach Race Condition Privilege Escalation / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that...

0.4AI score
Exploits0
CVE
CVE
added 2002/06/11 4:0 a.m.57 views

CVE-2002-0572

CVE-2002-0572 affects BSD-based systems (notably FreeBSD 4.5 and earlier); the issue arises when a local user closes standard input/output/error (FDs 0–2) and a subsequent setuid-invoked I/O operation reuses those descriptors, allowing read/write access to restricted files. Connected records corr...

7.2CVSS6AI score0.01552EPSS
Exploits1References9Affected Software4
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.29 views

CVE-2002-0572

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 standard input, 1 standard output, or 2 standard error, which may then be reused by a called setuid process that intended to...

5.9AI score0.01552EPSS
Exploits1References9
Exploit DB
Exploit DB
added 2002/04/23 12:0 a.m.39 views

Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure

/ source: https://www.securityfocus.com/bid/4568/info It has been reported that BSD-based kernels do not check to ensure that the C library standard I/O file descriptors 0-2 are valid open files before execing setuid images. Consequently, I/O that are opened by a setuid process may be assigned fi...

7AI score
Exploits0
exploitpack
exploitpack
added 2001/10/18 12:0 a.m.11 views

Linux Kernel 2.22.4 - PtraceSetuid Exec Privilege Escalation

Linux Kernel 2.22.4 - PtraceSetuid Exec Privilege Escalation source: https://www.securityfocus.com/bid/3447/info Linux contains a vulnerability in it's exec implementation that may allow for modification of setuid process memory via ptrace. The vulnerability is due to the fact that it is possible...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2001/10/18 12:0 a.m.36 views

Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Privilege Escalation

source: https://www.securityfocus.com/bid/3447/info Linux contains a vulnerability in it's exec implementation that may allow for modification of setuid process memory via ptrace. The vulnerability is due to the fact that it is possible for a traced process to exec a setuid image if the tracing...

7.4AI score
Exploits0
Rows per page
Query Builder