3217 matches found
MGASA-2015-0352 Updated util-linux packages fix CVE-2015-5224
Updated util-linux packages fix security vulnerability: The chfn and chsh commands in util-linux's login-utils are vulnerable to a file name collision due to incorrect mkstemp usage. If the chfn and chsh binaries are both setuid-root they eventually call mkostemp in such a way that an attacker...
Updated util-linux packages fix CVE-2015-5224
Updated util-linux packages fix security vulnerability: The chfn and chsh commands in util-linux's login-utils are vulnerable to a file name collision due to incorrect mkstemp usage. If the chfn and chsh binaries are both setuid-root they eventually call mkostemp in such a way that an attacker...
CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
DEBIAN-CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
Design/Logic Flaw
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
CVE-2015-5198
libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable...
SUSE-SU-2015:1892-1 Security update for libvdpau
libvdpau was updated to use secure_getenv() instead of getenv() for several variables so it can be more safely used in setuid applications. CVE-2015-5198: libvdpau: incorrect check for security transition bnc#943967 CVE-2015-5199: libvdpau: directory traversal in dlopen bnc#943968 CVE-2015-5200: libvdpa...
UBUNTU-CVE-2015-5198
libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable...
Updated glusterfs packages fix security vulnerability
There were cases where setuid could fail even when the caller is UID 0. The glusterd.service file was omitted from the glusterfs package. This update resolves both of these issues...
MGASA-2015-0334 Updated glusterfs packages fix security vulnerability
There were cases where setuid could fail even when the caller is UID 0. The glusterd.service file was set as executable but that is not necessary. This update resolves both of these issues...
MGASA-2015-0332 Updated glusterfs packages fix security vulnerability
There were cases where setuid could fail even when the caller is UID 0. The glusterd.service file was omitted from the glusterfs package. This update resolves both of these issues...
CVE-2015-2126
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions...
CVE-2015-2126
HP-UX 11iv2/11iv3: the pppoec utility has a local privilege escalation via its setuid permissions. Attackers can gain root privileges through improper access permissions on /usr/bin/pppoec. HP’s workaround/patrol guidance (HP-UX HPSBUX03359) recommends removing the suid bit (chmod u-s /usr/bin/pp...
Medium: kernel
Issue Overview: A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others...
Linux Kernel (PonyOS 3.0) - TTY ioctl() Local Privilege Escalation
Linux Kernel PonyOS 3.0 - TTY ioctl Local Privilege Escalation / Exploit Title: PonyOS include include int main struct winsize ws; printf"+ PonyOS = 3.0 ioctl local root exploit\n"; memcpy&ws,"\x90\x90\x90\x90\x8b\x45\x08\x89",8; ioctl0, TIOCSWINSZ, &ws; ioctl0, TIOCGWINSZ, void 0x0010f101;...
PonyOS 3.0 tty ioctl() Privilege Escalation
Exploit Title: PonyOS include include int main struct winsize ws; printf"+ PonyOS = 3.0 ioctl local root exploit\n"; memcpy&ws,"\x90\x90\x90\x90\x8b\x45\x08\x89",8; ioctl0, TIOCSWINSZ, &ws; ioctl0, TIOCGWINSZ, void 0x0010f101; printf"- patched syssetuid\n"; asm"movl $0x18,%eax"; asm"xorl...
DEBIAN-CVE-2015-3339
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
CVE-2015-3339
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...