23 matches found
CLSA-2025-1762800667 Fix CVE(s): CVE-2021-44038
SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038...
EUVD-2020-24103
Malware in sbrugna...
SUSE CVE-2021-44038
An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users with control of the non-root-owned directory /etc/quagga to escalate their privileges to root upon package installation or update...
Hardcoded credentials
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
UBUNTU-CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
PT-2023-11825 · Uptime · Uptimed
Name of the Vulnerable Software and Affected Versions: uptimed versions prior to 0.4.6-r1 Description: The issue allows local users with access to the uptimed user account to gain root privileges. This is achieved by creating a hard link within the /var/spool/uptimed directory, taking advantage o...
CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
CVE-2020-36657
uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...
Quagga <= 1.2.4 Privilege Escalation Vulnerability
Quagga is prone to a privilege escalation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
AZL-7336 CVE-2021-44038 affecting package quagga 1.2.4-15
An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users with control of the non-root-owned directory /etc/quagga to escalate their privileges to root upon package installation or update...
CVE-2020-7221
mysqlinstalldb in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of authpamtooldir/authpamtool. NOTE: this does not affect the Oracle MySQL product,...
UBUNTU-CVE-2020-7221
mysqlinstalldb in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of authpamtooldir/authpamtool. NOTE: this does not affect the Oracle MySQL product,...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6 (Important) (RHSA-2018:0002)
"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0002 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Re...
jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...