2 matches found
GHSA-CGF8-H3FP-H956 Pleaser privilege escalation vulnerability
please aka pleaser through 0.5.4 allows privilege escalation through the TIOCSTI and/or TIOCLINUX ioctl. If both TIOCSTI and TIOCLINUX are disabled, this cannot be exploited. Here is how to see it in action: $ cd "$mktemp -d" $ git clone --depth 1 https://gitlab.com/edneville/please.git $ cd...
PT-2023-21661 · Opendoas +1 · Opendoas +1
Name of the Vulnerable Software and Affected Versions: OpenDoas versions 6.8.2 and earlier Description: The issue allows privilege escalation due to sharing a terminal with the original session when TIOCSTI is available. TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable...