This is a Metasploit module for the argument processing bug in the polkit pkexec binary. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent.
45168e34096e858ea0c2f1c2c12695c4121ec633a36c09aef6de9a8d95de3371Ubuntu Security Notice 5311-1 - It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information.
5efeeadac5a6cfae3bf4bb56fe44a99d061fa7f74da141e96f22e6b9dcf626d5Ubuntu Security Notice 5300-2 - USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly obtain sensitive information. It was discovered that PHP incorrectly handled certain scripts with XML parsing functions. An attacker could possibly use this issue to obtain sensitive information.
8d289bff69aa5a1c07a2ec7e6f761299daae4511e4dcce44a32c652a3e06a38eUbuntu Security Notice 5312-1 - It was discovered that HAProxy incorrectly handled certain headers. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service.
6b681e0a603f1158ee21ec54cc1c71c5126449b565ea37be9ba172558f9f9795
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed