Ubuntu Update for eglibc, glibc vulnerability USN-1009-2

Ubuntu Update for Linux kernel vulnerabilities USN-1009-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN10092.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for eglibc, glibc vulnerability USN-1009-2 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-1009-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : eglibc, glibc vulnerability (USN-1009-2)

USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the 'man' program was installed setuid, a local attacker could exploit this ...

os-x/x86 intel - setuid shell x86_64 - 51 bytes

Exploit for os-x/x86 platform in category shellcode ========================================== OSX/Intel - setuid shell x8664 - 51 bytes ========================================== / Title: OSX/Intel - setuid shell x8664 - 51 bytes Date: 2010-11-25 Tested on: Mac OS X 10.6.5 - Darwin Kernel Versio...

OSX/Intel - setuid shell x86_64 - 51 bytes

OSX/Intel - setuid shell x8664 - 51 bytes. Shellcode exploit for osx platform / Title: OSX/Intel - setuid shell x8664 - 51 bytes Date: 2010-11-25 Tested on: Mac OS X 10.6.5 - Darwin Kernel Version 10.5.0 Author: Dustin Schultz - twitter: @thexploit http://thexploit.com BITS 64 section .text globa...

pam: pam_xauth missing return value checks from setuid() and similar calls

The runcoprocess function in pamxauth.c in the pamxauth module in Linux-PAM aka pam before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pamxauth PAM check...

pam: pam_namespace executes namespace.init with service's environment

pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pamnamespace PAM...

Mandriva Update for pam MDVSA-2010:220 (pam)

Check for the Version of pam OpenVAS Vulnerability Test Mandriva Update for pam MDVSA-2010:220 pam Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs

elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LDAUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object DSO located in an arbitrary...

glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

nSense-2010-003: Cisco Unified Communications Manager

nSense Vulnerability Research Security Advisory NSENSE-2010-003 --------------------------------------------------------------- Affected Vendor: Cisco Systems, Inc Affected Product: Cisco Unified Communications Manager Platform: All Impact: Privilege Escalation Vendor response: Patch. IntelliShie...

Cisco Unified Communications Manager Privilege Escalation

nSense Vulnerability Research Security Advisory NSENSE-2010-003 --------------------------------------------------------------- Affected Vendor: Cisco Systems, Inc Affected Product: Cisco Unified Communications Manager Platform: All Impact: Privilege Escalation Vendor response: Patch. IntelliShie...

NetBSD Larn 'Games'组本地特权提升漏洞

Bugtraq ID: 44293 NetBSD是一款基于BSD的操作系统。 当game从setuid更改为setgid时larn没有进行更新-把用户IDs替代为组IDs，这意味着当试图下降到低特权级别时，没有任何事情发生。因此game一直以game组权限运行，并可以games组权限进行各种如写或保存文件操作。 保存文件可写入/var/games可覆盖或破坏属于其他游戏的文件。 NetBSD 4.0 厂商解决方案 已经修补的源文件可从NetBSD CVS库中获得： CVS branch file revision ------------- ----------------...

The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads.

The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads ------------------------------------------------------------------------------- Czesc, This advisory describes CVE-2010-3856, an addendum to CVE-2010-3847. Please see http://seclists.org/fulldisclosure/2010/Oct/257 fo...

glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

The GNU C library dynamic linker expands $ORIGIN in setuid library search path

The GNU C library dynamic linker expands $ORIGIN in setuid library search path ------------------------------------------------------------------------------ Gruezi, This is CVE-2010-3847. The dynamic linker or dynamic loader is responsible for the runtime linking of dynamically linked programs...

RedHat Update for glibc RHSA-2010:0787-01

Check for the Version of glibc OpenVAS Vulnerability Test RedHat Update for glibc RHSA-2010:0787-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation

GNU C Library 2.x libc6 - Dynamic Linker LDAUDIT Arbitrary DSO Load Privilege Escalation Source: http://marc.info/?l=full-disclosure&m=128776663124692&w=2 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads...

GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation

Source: http://marc.info/?l=full-disclosure&m=128776663124692&w=2 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads ------------------------------------------------------------------------------- Cześć, This advisory describes CVE-2010-3856, an addendum to...

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2010:0787 Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...