9 matches found
Cisco Unified IP Phones 7900 Permissions, Privileges, and Access Controls (CVE-2011-1602)
The su utility on Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Improper Privilege Management in shadow-maint/shadow
Description The su utility, if compiled with PAM support, uses waitpid internally to monitor its child process. It depends on the creation of zombie processes for proper monitoring, but the creation can be suppressed by ignoring the SIGCHLD signal see waitpid manual page. If su is spawned from a...
CVE-2017-2616
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...
QNX RTOS 4.25/6.1 su Password Hash Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4914/info It has been reported that the 'su' utility for QNX RTOS accepts the SIGSEGV signal and dumps a world readable core file. An attacker is able to analyze the core file and obtain very sensitive information. It is...
CVE-2011-1602
The su utility on Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426...
Code injection
The su utility on Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426...
CVE-2011-1602
Cisco Unified IP Phones 7900 Series (TNP phones) are affected by CVE-2011-1602 due to two privilege-escalation vulnerabilities in the su utility. Devices with software before 9.0.3 could allow an authenticated local attacker to change phone configuration or disclose information; the CVSS base sco...
QNX RTOS 4.25/6.1 - su Password Hash Disclosure
source: https://www.securityfocus.com/bid/4914/info It has been reported that the 'su' utility for QNX RTOS accepts the SIGSEGV signal and dumps a world readable core file. An attacker is able to analyze the core file and obtain very sensitive information. It is very probable that this is a...
PT-1999-1398 · Sco · Su
Name of the Vulnerable Software and Affected Versions: SCO affected versions not specified Description: A buffer overflow issue in the su program allows local users to gain root access by providing a long username. Recommendations: At the moment, there is no information about a newer version that...