Red Hat Security Advisory 2020-0540-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.
d55f3d0a153ac5e7887d94495d764685Red Hat Security Advisory 2020-0509-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.
44d67fb50244e13f157bd402372134d6Red Hat Security Advisory 2020-0498-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include cross site scripting and null pointer vulnerabilities.
be6712bb6e1b0b6fbcc03ea514fe6279Red Hat Security Advisory 2020-0487-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Issues addressed include a buffer overflow vulnerability.
612c85a9d2cb652539696e8f19c95fbcsmtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell meta-characters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
a5d9222315a88dc369bf246ac8d4d034This Metasploit module exploits a command injection in the MAIL FROM field during SMTP interaction with OpenSMTPD to execute code as the root user.
2b9fdae42ead941fa800754cf08e9965Ubuntu Security Notice 4268-1 - It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root.
790d961de63720b957664ca4b2256e8bxglance-bin local root privilege escalation exploit that has been tested on Linux RHEL 7.x/8.x systems.
69705e0421d4672ecab9269c7e454287Red Hat Security Advisory 2020-0388-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability was addressed.
c01cf442081dc32b49eae3081561b242Debian Linux Security Advisory 4614-1 - Joe Vennix discovered a stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the "pwfeedback" option enabled. An unprivileged user can take advantage of this flaw to obtain full root privileges.
b8ce23ae3c877342694fbc6f85c091f9Debian Linux Security Advisory 4611-1 - Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses which could result in the execution of arbitrary commands as root. In addition this update fixes a denial of service by triggering an opportunistic TLS downgrade.
86b57c455931fcd59ee4f86326e684f4Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.
a167abd4844564a180e18a022a305764This Metasploit module attempts to gain root privileges on Linux systems by abusing a NULL pointer dereference in the rds_atomic_free_op function in the Reliable Datagram Sockets (RDS) kernel module (rds.ko). Successful exploitation requires the RDS kernel module to be loaded. If the RDS module is not blacklisted (default); then it will be loaded automatically. This exploit supports 64-bit Ubuntu Linux systems, including distributions based on Ubuntu, such as Linux Mint and Zorin OS. This exploit does not bypass SMAP. Bypasses for SMEP and KASLR are included. Failed exploitation may crash the kernel. This module has been tested successfully on various 4.4 and 4.8 kernels.
e83495fea436d8a384500ace26357f2fA buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Note that Oracle Solaris CDE is based on the original CDE 1.x train, which is different from the CDE 2.x codebase that was later open sourced. Most notably, the vulnerable buffer in the Oracle Solaris CDE is stack-based, while in the open source version it is heap-based.
f61714fa339de224c3899e225d64a420A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely.
d43954458731660f576f082539a29af3SunOS version 5.10 Generic_147148-26 local privilege escalation exploit. A buffer overflow in the CheckMonitor() function in the Common Desktop Environment versions 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file.
55c1e1683127ba3a3c82c35279e5e6dbDebian Linux Security Advisory 4601-1 - It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation.
693cc7f45920414191581d78799f2d01Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd.
6426b023a6749568c0e3de1d4ba2531aLocal root exploit for the FreeBSD mqueuefs vulnerability as disclosed in FreeBSD-SA-19:15.mqueuefs.
fa32a042469b8505c6692ec2c13703e4This Metasploit module uses Reptile rootkit's reptile_cmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch (2019-03-04) on Ubuntu 18.04.3 (x64) and Linux Mint 19 (x64).
a45009c7d529d2cc46cd3ba0f3c2c122This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.
ae11a67b34fba9d465c0f0b7d84392d0In the macOS kernel, the XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally frees the fileproc and fileglob. This opens up a race window during which the process could manipulate those objects while they're being freed. Exploitation requires root privileges.
cba1e82afa4ec28fd0073d6cfded8a11Qualys discovered a local privilege escalation in OpenBSD's dynamic loader (ld.so). This vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges. They developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release), 6.5, 6.2, and 6.1, on both amd64 and i386; other releases and architectures are probably also exploitable.
5cd25d74e467c8f83e9ece30c0c6b982Inim Electronics SmartLiving SmartLAN/G/SI versions 6.x and below suffer from a remote root command execution vulnerability.
fa5b04b87f4f1fdd3b909cfc78a8b51dRed Hat Security Advisory 2019-4191-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A privilege escalation vulnerability has been addressed.
b3aa81372e4847ca631a49474175167b
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed