-
Operating System: Fedora ≈ Packet Storm
Dec 21, 2023 | 14:20 pm
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. It has been dubbed Looney Tunables. This issue allows an local attacker to use maliciously crafted GLIBC_TUNABLES when launching binaries with SUID[…]
Read more...
-
Operating System: Fedora ≈ Packet Storm
Aug 8, 2023 | 15:54 pm
GNOME Files version 43.4 (nautilus) on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges.
Read more...
-
Operating System: Fedora ≈ Packet Storm
Mar 14, 2023 | 14:39 pm
This Metasploit module exploits a vulnerability in RedHat based systems where improper file permissions are applied to /usr/lib/tmpfiles.d/tomcat.conf for Apache Tomcat versions before 7.0.54-8. The configuration files in tmpfiles.d are used by systemd-tmpfiles to manage temporary files including their creation.[…]
Read more...
-
Operating System: Fedora ≈ Packet Storm
Jul 21, 2021 | 16:10 pm
Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset[…]
Read more...
-
Operating System: Fedora ≈ Packet Storm
Jun 22, 2021 | 19:20 pm
Fedora with Gnome has an issue where it is not using fscaps safely.
Read more...
-
Operating System: Fedora ≈ Packet Storm
Mar 5, 2020 | 20:57 pm
netkit-telnet version 0.17 telnetd on Fedora 31 BraveStarr remote code execution exploit.
Read more...
-
Operating System: Fedora ≈ Packet Storm
Dec 23, 2019 | 21:02 pm
This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and[…]
Read more...
-
Operating System: Fedora ≈ Packet Storm
Nov 27, 2019 | 23:02 pm
Grub2 has grub2-set-bootflag setuid in the new Fedora release and has the ability to corrupt the environment.
Read more...
-
Operating System: Fedora ≈ Packet Storm
Apr 19, 2019 | 13:28 pm
This Metasploit module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be[…]
Read more...
-
Operating System: Fedora ≈ Packet Storm
Nov 28, 2018 | 01:51 am
This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root (CVE-2018-18955). The target system must have unprivileged user[…]
Read more...