openSUSE Security Update : kernel (openSUSE-SU-2011:0860-1)

The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or simila...

openSUSE Security Update : kernel (openSUSE-SU-2011:0861-1)

The openSUSE 11.3 kernel was updated to 2.6.34.10 to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or...

GLSA-201406-01 : D-Bus, GLib: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201406-01 D-Bus, GLib: Privilege escalation When libdbus is used in a setuid program, a user can gain escalated privileges by leveraging the DBUSSYSTEMBUSADDRESS variable. GLib can be used in a setuid context with D-Bus, and so ca...

Design/Logic Flaw

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the 1 stdou...

CVE-2014-0181

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the 1 stdou...

CVE-2013-3951

sys/openbsd/stackprotector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the...

Path traversal

sys/openbsd/stackprotector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the...

Python-wrapper Untrusted Search Path / Code Execution

python-wrapper untrusted search path/code execution vulnerability Python-wrapper executes any test.py script within the current working directory, when supplied with help'modules'. A non-priviledged user may gain code execution by tricking root to help'modules' or help and then modules from withi...

Code injection

The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LDDEBUGOUTPUT and LDDEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack...

CVE-2011-4060

The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LDDEBUGOUTPUT and LDDEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack...

Debian DSA-2319-1 : policykit-1 - race condition

Neel Mehta discovered that a race condition in Policykit, a framework for managing administrative policies and privileges, allowed local users to elevate privileges by executing a setuid program from pkexec. The oldstable distribution lenny does not contain the policykit-1 package. %NASLMINLEVEL...

DEBIAN-CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...

CVE-2011-1658

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

CVE-2010-3853

pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pamnamespace PAM...

CVE-2010-3853

pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pamnamespace PAM...

CVE-2010-3853

pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pamnamespace PAM...

FreeBSD Security Advisory FreeBSD-SA-09:16.rtld

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:16.rtld Security Advisory The FreeBSD Project Topic: Improper environment sanitization in rtld1 Category: core Module: rtld Announced: 2009-12-03 Affects:...

How to find unix broiler-vulnerability warning-the black bar safety net

Why that is I and the x-laser together with looking for broiler? Because all our operations are all in the 3 3 8 9 broiler on. First of all, we are on to the same terminal, premise:the terminal is open,rather than doing it on your own,so that only the Terminal Services Manager can be usedand then...