90 matches found
Progress Flowmon Local sudo privilege escalation
This module abuses a feature of the sudo command on Progress Flowmon. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. This includes executing a PHP command with a specific file name. If the file is overwritten with PHP code it c...
PT-2024-13349 · Teledyne Flir · Teledyne Flir M300
Name of the Vulnerable Software and Affected Versions: Teledyne FLIR M300 versions 2.00 through 2.00-19 Description: An issue was discovered in the web server of the affected software, allowing unauthenticated remote code execution. This can be exploited by sending a POST request to the vulnerabl...
RHEL 5 : sudo (RHSA-2019:4191)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:4191 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
GHSA-7C6P-848J-WH5H Composer code execution and possible privilege escalation via compromised InstalledVersions.php or installed.php
Impact Several files within the local working directory are included during the invocation of Composer and in the context of the executing user. As such, under certain conditions arbitrary code execution may lead to local privilege escalation, provide lateral user movement or malicious code...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update
An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update
An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
EulerOS Virtualization 2.11.0 : dmidecode (EulerOS-SA-2023-2751)
According to the versions of the dmidecode package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of...
SUSE CVE-2023-7090
A flaw was found in sudo in the handling of ipahostname, where ipahostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.10055)
The version of AHV installed on the remote host is prior to 20220304.10055. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.10055 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.385)
The version of AHV installed on the remote host is prior to 20220304.385. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.385 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.2.6)
The version of AOS installed on the remote host is prior to 6.5.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.2.6 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 -...
SUSE CVE-2006-0151
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158...
SUSE CVE-2007-3149
sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...
SUSE CVE-2010-2956
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...
Amazon Linux AMI : sudo, sudo-devel (ALAS-2023-1682)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1682 advisory. In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append...
CentOS 7 : sudo (RHSA-2023:0291)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0291 advisory. - In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR, VISUAL, and...
OpenStack Kolla sudo privilege escalation vulnerability
Talos Vulnerability Report TALOS-2022-1589 OpenStack Kolla sudo privilege escalation vulnerability December 20, 2022 CVE Number CVE-2022-38060 SUMMARY A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers...
Privilege Escalation admin user to root user
Description "admin" user has sudo rights and can gain root access. By default sudo installation "admin" group has root rights. "admin" user created by hestia installation and this user is also in "admin" group. if the attackers access "admin" user, can gain root access. Proof of Concept...
EulerOS 2.0 SP8 : sssd (EulerOS-SA-2021-2646)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. Thi...
OracleVM 3.4 : sudo (OVMSA-2021-0012)
The remote OracleVM system is missing necessary patches to address security updates: - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single...