3209 matches found
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1477)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-26936
The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations...
Sorcery Authorization Issues Vulnerability
An authorization issue vulnerability exists in ReplaySorcery that originates when using the default setuid root configuration, allowing a local attacker to escalate privileges to root by specifying the video output path in a privileged location...
Exploit for Off-by-one Error in Sudo_Project Sudo
This repository contains exploits for the CVE-2021-3156 vulnerability, which affects the Linux kernel. The vulnerability allows an attacker to gain root privileges by exploiting a flaw in the way the kernel handles the "setuid" system call. The repository contains two exploit files: "exploit.c" a...
Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)
Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 2 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel.c - Solaris/Intel 0day? LPE...
CentOS 8 : glibc (CESA-2020:1828)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1828 advisory. - glibc: LDPREFERMAP32BITEXEC not ignored in setuid binaries CVE-2019-19126 Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2021-0223
A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. telnetd.real is shipped with setuid permissions enabled and is owned by the root user, allowing local...
Information disclosure
A sensitive information disclosure vulnerability in delta-export configuration utility dexp of Juniper Networks Junos OS may allow a locally authenticated shell user the ability to create and read database files generated by the dexp utility, including password hashes of local users. Since dexp i...
Privilege escalation
A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. telnetd.real is shipped with setuid permissions enabled and is owned by the root user, allowing local...
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0117)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive...
Privilege Escalation
s3d is vulnerable to privilege escalation. The pipeinitterminal function in main.c allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier...
Privilege Escalation
s3d is vulnerable to privilege escalation. The ptyinitterminal and pipeinitterminal functions in main.c allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier...
Privilege Escalation
Super is vulnerable to privilege escalation. The vulnerability existed because it does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors...
CVE-2020-28046
An issue was discovered in ProlinOS through 2.4.161.8859R. An attacker with local code execution privileges as a normal user MAINAPP can escalate to root privileges by exploiting the setuid installation of the xtables-multi binary and leveraging the ip6tables --modprobe switch...
CentOS 7 : glibc (RHSA-2020:3861)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3861 advisory. - On the x86-64 architecture, the GNU C Library aka glibc before 2.31 fails to ignore the LDPREFERMAP32BITEXEC environment variable during program execution aft...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0043)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum...
Debian: Security Advisory (DLA-2401-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...
CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...
CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...