21 matches found
EUVD-2005-4342
Malware in sbrugna...
Debian Security Advisory DSA 1011-1 (kernel-patch-vserver, util-vserver)
The remote host is missing an update to kernel-patch-vserver, util-vserver announced via advisory DSA 1011-1. Several vulnerabilities have been discovered in the Debian vserver support for Linux. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4347 Bjø...
Debian: Security Advisory (DSA-1011-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2006-1656
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root...
CVE-2006-1656
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root...
Command injection
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root...
CVE-2006-1656
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root...
CVE-2006-1656
CVE-2006-1656 affects vserver (util-vserver) 0.30.209, where an invalid/non-numeric suexec userid parameter allows a local attacker to have commands executed as root, enabling local privilege escalation. Exploitation details are not provided in the supplied documents, and no remediation steps are...
CVE-2006-1656
Removed by vendor...
CVE-2005-4418
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities...
CVE-2005-4418
CVE-2005-4418 affects Debian vserver: util-vserver with kernel-patch-vserver, where the default policy trusts unknown capabilities, potentially allowing local privilege escalation. Root cause: insecure default policy in util-vserver components. Affected versions include kernel-patch-vserver 1.9.5...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...
CVE-2005-4347
CVE-2005-4347 affects Linux 2.4 kernel patch kernel-patch-vserver (and 2.x) for Debian; the chroot barrier is not set correctly in util-vserver, potentially permitting unauthorised escapes from a vserver to the host. OpenVAS/Debian DSAs describe that this vulnerability is limited to the 2.4 patch...
[SA19333] util-vserver Unknown Capabilities Handling Security Issue
TITLE: util-vserver Unknown Capabilities Handling Security Issue SECUNIA ADVISORY ID: SA19333 VERIFY ADVISORY: http://secunia.com/advisories/19333/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system SOFTWARE: util-vserver 0.x http://secunia.com/product/8846/ DESCRIPTION: A securi...
util-vserver restrictions bypass
All unknown capacities are allowed by default...
[SECURITY] [DSA 1011-1] New kernel-patch-vserver packages fix root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 1011-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1011-1] New kernel-patch-vserver packages fix root exploit
-------------------------------------------------------------------------- Debian Security Advisory DSA 1011-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2005 http://www.debian.org/security/faq -...
DSA-1011-1 kernel-patch-server, util-vserver - missing attribute support
Bulletin has no description...
CVE-2005-4418
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...