37 matches found
CVE-2025-71263
In UNIX Fourth Research Edition v4, the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes. A local user can exploit this to gain root privileges. It is unlikely that UNIX v4 is running anywhere outside of a very small number of lab...
EUVD-1999-1174
Malware in sbrugna...
EUVD-2019-9137
Malware in sbrugna...
EUVD-2006-0628
Malware in sbrugna...
EUVD-1999-0317
Malware in sbrugna...
EUVD-2025-6493
Malicious code in bioql PyPI...
Ensure That the su Command Inherits the User Environment Variables Without Escalating Privileges
The su command enables a common user to have the permissions of the superuser or other users. It is often used for switching the user from a common user to the root user. The su command provides a convenient way for users to change their identities. However, if the su command is run without...
CVE-2019-19519
In OpenBSD 6.6, local users can use the su -L option to achieve any login class often excluding root because there is a logic error in the main function in su/su.c...
CVE-1999-0317
Buffer overflow in Linux su command gives root access to local users...
CVE-2025-2398
A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been rated as critical. This issue affects some unknown processing of the component CLI su Command Handler. The manipulation leads to use of default credentials...
CVE-2025-2398
A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been rated as critical. This issue affects some unknown processing of the component CLI su Command Handler. The manipulation leads to use of default credentials...
CVE-2023-25173
containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be ab...
SUSE CVE-2005-4890
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process...
Red Lion DA50N has an unspecified vulnerability
The Red Lion DA50N is a series of secure edge network gateways from Red Lion, U.S.A. A security vulnerability exists in the Red Lion DA50N that could be exploited by an attacker to elevate to root access using the su command...
Linux / Unix su Privilege Escalation Exploit
This Metasploit module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is created via the specified payload. Because su forces passwords to be passed over stdin, this module attempts to invoke a...
Linux / Unix su Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Login to Another User with Su on Linux / Unix Systems', 'Description' = %q This module attempts to create a new login session by invoking the su...
CVE-2020-10789
openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php...
Design/Logic Flaw
openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php...
Linux: ALWAYS_SET_PATH in /etc/login.defs
su allows to run commands with a substitute user and group ID. When called with no user specified, su defaults to running an interactive shell as root. When user is specified, additional arguments can be supplied, in which case they are passed to the shell. If ALWAYSSETPATH is set to yes in...
CVE-2005-4890
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process...