CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX

Vulnerability title: Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX CVE: CVE-2014-3074 Vendor: IBM Product: AIX Affected version: AIX 6.1 and 7.1 and VIOS 2.2. Reported by: Tim Brown Details: It has been identified that the runtime linker allows privilege escalati...

Desktop Linux Password Stealer and Privilege Escalation

This module steals the user password of an administrative user on a desktop Linux system when it is entered for unlocking the screen or for doing administrative actions using PolicyKit. Then, it escalates to root privileges using sudo and the stolen user password. It exploits the design weakness...

RedHat Update for mod_wsgi RHSA-2014:1091-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

mod_wsgi security update

3.4-12 - fix possible privilege escalation in setuid CVE-2014-0240...

AIX 7.1 TL 2 : malloc (IV62807)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

Race condition

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, related to...

CVE-2014-5033

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2 pkexec process, related to...

CVE-2014-3074

The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program...

CVE-2014-3074

The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. Recent assessments: timb-machine ...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jum...

HP-UX 10/11 NLSPATH Environment Variable Format String Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker could specify an arbitrary path...

Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)

No description provided by source. !/usr/bin/perl getpwnedmail.pl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom This is a canibalized version of Kansas City POP Daemon Version 0.0 - Copyright c 1999 David Nicol [email protected] kevin-finisterres-mac-mini:...

kernel 2.2.x/2.4 .0-test1,SGI ProPack 1.2/1.3 Capabilities Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1322/info POSIX Capabilities have recently been implemented in the Linux kernel. These Capabilities are an additional form of privilege control to enable more specific control over what priviliged processes can do...

IBM UniVerse 10.0 .0.9 uvadmsh Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8203/info A vulnerability has been reported in the IBM U2 UniVerse uvadmsh program that could permit the uvadm user to execute arbitrary code with elevated privileges. The -uv.install option of the vulnerable program allo...

Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...

ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in the ipppd utility. In some...

FreeBSD 3.3,Linux Mandrake 7.0 'xsoldier' Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via ...

Caldera UnixWare 7.1.1 Message Catalog Environment Variable Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string vulnerability in the locale subsystem could lead ...

QNX RTOS 4.25/6.1 su Password Hash Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4914/info It has been reported that the 'su' utility for QNX RTOS accepts the SIGSEGV signal and dumps a world readable core file. An attacker is able to analyze the core file and obtain very sensitive information. It is...

SCO Open Server 5.0.5 X Library Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/638/info A buffer overflow vulnerability in the shared X library may allows local users to obtain higher privileges. Any setuid applications linked against the library are possibly vulnerable. The vulnerability is in the...