3209 matches found
SUSE-SU-2018:2709-1 Security update for spice-gtk
This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling bsc1104448 - CVE-2018-10893: Avoid buffer overflow on image lz checks bsc1101295 Other bugs fixed: - Add setuid bit to spice-client-glib-usb-acl-helper...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by a security vulnerability (CVE-2016-0392)
Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow a local attacker to inject commands into setuid file parameters and execute commands as root. Vulnerability Details CVEID: CVE-2016-0392 DESCRIPTION: IBM General Parallel File...
Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)
Summary Security vulnerabilities have been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow: - a local attacker to execute commands as root by setting environment variables processed by setuid programs CVE-2016-2985 - a local attacker to execute commands as root by...
Security Bulletin: GPFS security vulnerabilities in IBM Storwize V7000 Unified (CVE-2016-0392)
Summary A fix is available for IBM Storwize V7000 Unified, for GPFS security vulnerabilities Vulnerability Details IBM General Parallel File System GPFS is a high-performance clustered file system. It is used in IBM Storwize V7000 Unified. CVEID: CVE-2016-0392 DESCRIPTION: IBM General Parallel Fi...
Security Bulletin: GPFS security vulnerabilities in IBM SONAS (CVE-2016-0392)
Summary A fix is available for IBM SONAS, for GPFS security vulnerability Vulnerability Details IBM General Parallel File System GPFS is a high-performance clustered file system. It is used in IBM SONAS. CVEID: CVE-2016-0392 DESCRIPTION: IBM General Parallel File System could allow a local attack...
MagniComp SysInfo Information Exposure
MagniComp SysInfo Information Exposure CVE-2018-7268 ====================================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/magnicomp-sysinfo-information-exposure.txt Overview -------- MagniComp SysInfo contains a information...
Security Bulletin: SetGID and SetUID programs in IBM Workload Scheduler can be exploited to obtain privilege escalation (CVE-2018-1386)
Summary SetGID and SetUID programs in IBM Workload Scheduler can be exploited to obtain root privileges Vulnerability Details Some programs in IBM Workload Scheduler are executed with elevated privileges SetGID and SetUID programs and have been compiled to search for libraries in an insecure...
Backdoorme - Powerful Auto-Backdooring Utility
Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time. Once an SSH connection has been established with the target,...
GLSA-201805-15 : beep: Local privilege escalation
The remote host is affected by the vulnerability described in GLSA-201805-15 beep: Local privilege escalation A race condition, if setuid, was discovered in beep. Impact : A local attacker could escalate privileges. Workaround : There is no known workaround at this time. C Tenable Network Securit...
Enlightenment Window Manager setuid root helper local elevation of privilege vulnerability
Enlightenment Window Manager is a window manager for the X Window System that can be used alone or in conjunction with desktop environments such as GNOME, KDE, etc. The setuid root helper is one of the permission management applications. A local elevation of privilege vulnerability exists in the...
CVE-2018-9310
An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root the default. This vulnerability allows any local user on a Linux/UNIX system to run SysInfo and obtain a root shell, which can be used to compromise the local system...
CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
DEBIAN-CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
Design/Logic Flaw
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
UBUNTU-CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
CVE-2014-1845
CVE-2014-1845 affects Enlightenment Window Manager, with a setuid root helper that can privilege escalate locally due to improper sanitization of the environment. Affected versions are prior to 0.17.6. The vulnerability is local and requires no user interaction beyond an attacker having local acc...
CVE-2014-1845
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...
kernel: exec/ptrace: get_dumpable() incorrect tests
A flaw was found in the way the getdumpable function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suiddumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive...
Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)
Linux/x86 - chmod 4755 /bin/dash Shellcode 33 bytes. Shellcode exploit for Linuxx86 platform / Title: chmod 4755 /bin/dash Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: setuid bit on /bin/dash Tested On: Ubuntu 14.04 Arch: x86 Size: 33 bytes global start section .te...