CVE-2018-20052

An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...

CVE-2018-20052

An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...

CVE-2018-20052

An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...

CVE-2018-1903

IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532...

CVE-2018-1903

IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532...

CVE-2018-1903

CVE-2018-1903 affects IBM Sterling Connect:Direct for UNIX versions 6.0.0, 4.3.0, and 4.2.0. The IBM bulletin describes an elevation-of-privilege path where a user with restricted sudo access can manipulate the Connect:Direct UNIX component to gain full sudo privileges. Root cause: exploiting sud...

rootOS - macOS Root Helper

Tries to use various CVEs to gain sudo or root access. All exploits have an end goal of adding ALL ALL=ALL NOPASSWD: ALL to /etc/sudoers allowing any user to run sudo commands. Exploits CVE-2008-2830 CVE-2015-3760 CVE-2015-5889 CVE-2017-13872 AppleScript Dynamic Phishing Sudo Piggyback Link Run...

Nagios XI Cmdsubsys Command Injection (CVE-2018-15709; CVE-2018-15710)

An command injection vulnerability has been reported in the Command subsystem component of Nagios XI. The vulnerability is due to insufficient validation of command options submitted to ajaxhelper.php for the submitcommand action and the existence of a local privilege escalation vulnerability tha...

The vulnerability of the Sudo component of the Oracle Solaris operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the Sudo component in the Oracle Solaris operating system is related to insufficient access control. Exploiting this vulnerability could allow an attacker, working remotely, to gain access to protected information...

Flaw in snapd Allows Root Access to Linux Servers

A local privilege-escalation vulnerability in Canonical’s snapd package has been uncovered, which would allow any user to obtain administrator privileges and immediate root access to affected Linux system servers. Snapd is used by Linux users to download and install apps in the .snap file format...

snapd 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (1)

snapd 2.37 Ubuntu - dirtysock Local Privilege Escalation 1 !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository...

snapd 2.37 (Ubuntu) dirty_sock Local Privilege Escalation

!/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available...

snapd < 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (2)

Exploit for linux platform in category local exploits !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains t...

Photon OS 1.0: Sudo PHSA-2017-0021

An update of the sudo package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0021. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121703;...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in sudo.

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in sudo. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in sudo. Vulnerability Details CVEID: CVE-2016-7032 Description: Sudo could allow ...

Low: sssd

Issue Overview: The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. CVE-2018-10852...

Information Disclosure

sssd is vulnerable to information disclosure. The set of sudo rules in SSSD-sudo responder is configured with insecure permissions which would allow any user using the same raw protocol to read sudo rules for any user...

Arbitrary Command Execution

sudo is vulnerable to arbitrary command execution attacks. The vulnerability exists as Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

Privilege Escalation

sudo is vulnerable to privilege escalation. A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root...

Authorization Bypass

sudo is vulnerable to authorization bypass attacks. The vulnerability exists as sudonoexec.so in before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the...