Lucene search
+L

74 matches found

nvd
nvd
added 2020/08/13 5:15 p.m.17 views

CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...

7.8CVSS7.4AI score0.00486EPSS
Exploits1References5
osv
osv
added 2020/08/13 5:15 p.m.7 views

CVE-2020-24332

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...

5.5CVSS7.5AI score
Exploits0References5
osv
osv
added 2020/08/13 5:15 p.m.1 views

DEBIAN-CVE-2020-24332

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...

5.5CVSS6.6AI score0.00553EPSS
Exploits1References1
osv
osv
added 2020/08/13 5:15 p.m.10 views

CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...

7.8CVSS7.5AI score
Exploits0References5
osv
osv
added 2020/08/13 5:15 p.m.14 views

CVE-2020-24330

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed...

7.8CVSS7.6AI score
Exploits0References5
prion
prion
added 2020/08/13 5:15 p.m.20 views

Code injection

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed...

7.2CVSS7.5AI score0.00486EPSS
Exploits1References5Affected Software2
osv
osv
added 2020/08/13 5:15 p.m.3 views

UBUNTU-CVE-2020-24330

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed...

7.8CVSS7.1AI score0.00486EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2020/08/13 5:15 p.m.29 views

CVE-2020-24330

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed...

7.8CVSS7.1AI score0.00486EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2020/08/13 5:15 p.m.27 views

CVE-2020-24332

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...

5.5CVSS6.8AI score0.00553EPSS
Exploits1References4
prion
prion
added 2020/08/13 5:15 p.m.26 views

Design/Logic Flaw

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...

7.2CVSS7.5AI score0.00486EPSS
Exploits1References5Affected Software2
cve
cve
added 2020/08/13 4:19 p.m.160 views

CVE-2020-24330

CVE-2020-24330 affects TrouSerS (tcsd) through 0.3.14, where starting tcsd with root privileges prevents dropping the root gid when no longer needed, enabling local privilege escalation. Related issues CVE-2020-24331 and CVE-2020-24332 involve tcsd config/file permission and symlink-based DoS. Pu...

7.8CVSS7.5AI score0.00486EPSS
Exploits1References5Affected Software1
debiancve
debiancve
added 2020/08/13 4:19 p.m.25 views

CVE-2020-24330

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed...

7.8CVSS7.8AI score0.00486EPSS
Exploits1
cvelist
cvelist
added 2020/08/13 4:19 p.m.31 views

CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...

7.6AI score0.00486EPSS
Exploits1References5
cve
cve
added 2020/08/13 4:19 p.m.137 views

CVE-2020-24331

CVE-2020-24331 affects TrouSerS: when tcsd runs with root privileges, the tss user still has read/write access to /etc/tcsd.conf, enabling potential unauthorized modification of daemon settings. Root-privilege execution and file permission misconfiguration are the root causes. The CVE is discusse...

7.8CVSS7.4AI score0.00486EPSS
Exploits1References5Affected Software1
debiancve
debiancve
added 2020/08/13 4:19 p.m.35 views

CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...

7.8CVSS7.7AI score0.00486EPSS
Exploits1
debiancve
debiancve
added 2020/08/13 4:18 p.m.27 views

CVE-2020-24332

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...

5.5CVSS6.5AI score0.00553EPSS
Exploits1
cve
cve
added 2020/08/13 4:18 p.m.136 views

CVE-2020-24332

CVE-2020-24332 affects TrouSerS up to version 0.3.14. When tcsd runs with root privileges, creating the system.data file is prone to symlink attacks, allowing the tss user to create or corrupt files and potentially cause a DoS. A fix is available in trousers 0.3.15 (and advisories note the issues...

5.5CVSS6.2AI score0.00553EPSS
Exploits1References5Affected Software1
ptsecurity
ptsecurity
added 2020/08/13 12:0 a.m.2 views

PT-2020-15684 · Trousers +6 · Trousers +6

Name of the Vulnerable Software and Affected Versions: TrouSerS versions prior to 0.3.14 Description: An issue was discovered where the creation of the system.data file is prone to symlink attacks if the tcsd daemon is started with root privileges. This could allow the tss user to create or corru...

7.8CVSS8.7AI score0.00553EPSS
Exploits4References43
freebsd
freebsd
added 2020/05/20 12:0 a.m.37 views

security/trousers -- several vulnerabilities

the TrouSerS project reports reports: If the tcsd daemon is started with root privileges, it fails to drop the root gid after it is no longer needed. If the tcsd daemon is started with root privileges, the tss user has read and write access to the /etc/tcsd.conf file. If the tcsd daemon is starte...

7.8CVSS4.4AI score0.00553EPSS
Exploits3References2
nessus
nessus
added 2015/01/19 12:0 a.m.34 views

Oracle Solaris Third-Party Patch Update : tcsd (cve_2012_0698_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service daemon crash via a crafted typeoffset value in a TCP packet to port 30003. CVE-2012-0698 %NASLMINLEVEL 70300 C Tenable Network...

5CVSS5.4AI score0.10509EPSS
Exploits2References3
Rows per page
Query Builder