EUVD-1999-1371

Malware in sbrugna...

EUVD-2022-2941

Malicious code in bioql PyPI...

Puppet Privilege Escallation

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

GHSA-77HG-G8CC-5R37 Puppet Privilege Escallation

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

Debian suidmanager 0.18 Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/94/info /usr/bin/suidexec will execute arbitrary commands as root, as soon as just one suid root shell script can be found on the system: Just invoke /usr/bin/suidexec your program /path/to/script - it will happily execut...

Amazon Linux AMI : puppet (ALAS-2012-53)

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login. The changeuser method in the SUIDManager...

DEBIAN-CVE-2012-1053

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

CVE-2012-1053

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

Design/Logic Flaw

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

CVE-2012-1053

CVE-2012-1053 affects Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, plus Puppet Enterprise (PE) Users 1.0–2.0.x before 2.0.3. The vulnerability lies in the SUIDManager’s change_user method, which fails to drop supplementary groups in certain cases, allows eguid/egid mismatches, and can add ...

CVE-2012-1053

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

CVE-2012-1053

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

Puppet Privilege Escallation

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

Medium: puppet

Issue Overview: Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login. The changeuser method in...

CVE-2012-1053

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

Debian Security Advisory DSA 059-1 (man-db)

The remote host is missing an update to man-db announced via advisory DSA 059-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-1999-1390

CVE-1999-1390 affects suidexec in suidmanager 0.18 on Debian 2.0, where local users can gain root privileges by specifying a malicious program on the command line. The issue is a local privilege escalation; the exact root cause is not fully detailed in the provided documents. Affected component i...

Debian suidmanager 0.18 - Command Execution

source: https://www.securityfocus.com/bid/94/info /usr/bin/suidexec will execute arbitrary commands as root, as soon as just one suid root shell script can be found on the system: Just invoke /usr/bin/suidexec /path/to/script - it will happily execute your program with euid = 0. This is completel...

Debian suidmanager 0.18 - Command Execution

Debian suidmanager 0.18 - Command Execution source: https://www.securityfocus.com/bid/94/info /usr/bin/suidexec will execute arbitrary commands as root, as soon as just one suid root shell script can be found on the system: Just invoke /usr/bin/suidexec /path/to/script - it will happily execute...