PT-2024-37817 · Provd +2 · Provd +2

Name of the Vulnerable Software and Affected Versions: provd versions prior to 0.1.5 Description: An issue was discovered in provd with a setuid binary, which allows a local attacker to escalate their privilege. Recommendations: For versions prior to 0.1.5, update to version 0.1.5 or later to...

CVE-2024-38531

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

CVE-2024-38531

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

UBUNTU-CVE-2024-38531

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

CVE-2024-38531

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

CVE-2024-38531

CVE-2024-38531 affects the Nix package manager. A build process can access and modify the permissions of the build directory, and after a setuid binary is created in a globally accessible location, a local attacker could assume the permissions of a Nix daemon worker and hijack all future builds. ...

CVE-2024-38531 Nix sandbox escape

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability

Talos Vulnerability Report TALOS-2023-1691 IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability April 24, 2023 CVE Number CVE-2023-28528 SUMMARY An OS command injection vulnerability exists in the invscout setUID binary functionality of IBM Corporation AIX 7.2. A...

PT-2023-13547 · Amanda +2 · Amanda +2

Name of the Vulnerable Software and Affected Versions: Amanda version 3.5.1 Description: The issue allows privilege escalation from a regular user backup to root. A SUID binary located at /lib/amanda/rundump executes /usr/sbin/dump as root with controlled arguments from the attacker, which may le...

CVE-2023-24039

CVE-2023-24039 affects Common Desktop Environment 1.6, specifically the ParseColors function in libXm. A stack-based buffer overflow can be exploited by local, low-privilege users via the dtprintinfo setuid binary to escalate to root on Solaris 10. Several connected sources confirm the issue and ...

CVE-2021-3020

An issue was discovered in ClusterLabs Hawk aka HA Web Konsole through 2.3.0-15. It ships the binary hawkinvoke built from tools/hawkinvoke.c, intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root with an attempt to limit this to safe...

PT-2022-3261

Name of the Vulnerable Software and Affected Versions Dominion Voting Systems ImageCast X affected versions not specified Description The issue is related to errors in access control, allowing an attacker to execute arbitrary code with elevated privileges by exploiting a system-level service. Thi...

ROS-20220128-01

The vulnerability in the Polkit library for UNIX-like operating systems is related to improper handling of the number of call parameters in the pkexec setuid binary, which causes the binary to executes environment variables as commands. Exploitation of the vulnerability could allow an attacker to...

[SECURITY] Fedora 32 Update: bubblewrap-0.4.1-1.fc32

Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...

CVE-2019-19544

CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life EOL status on April 1, 201...

CVE-2019-4447

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpumdebug is a setuid root binary which trusts the PATH environment variable. A low privileged user can execute arbitrary commands as root by altering the PATH variable to point to a...

PT-2019-17087 · Ibm +1 · Ibm Db2 High Performance Unload +1

Name of the Vulnerable Software and Affected Versions: IBM DB2 High Performance Unload load for LUW versions 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 Description: The issue concerns a setuid root binary db2hpum debug that trusts the PATH environment variable. A...

systemd DynamicUser SetUID Binary Creation

systemd: DynamicUser can create setuid binaries when assisted by another process Related CVE Numbers: CVE-2019-3844. I am sending this bug report to Ubuntu as requested by systemd at . This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another...

CVE-2016-10729

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root...

MagniComp SysInfo Information Disclosure Vulnerability - Linux

MagniComp SysInfo is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...