Смотрите также связанные темы
29.01.2018 A Security Vulnerability in Sun Java System Access Manager May Allow Privilege Escalation of Sub-Realm Administrators
A security vulnerability in Sun Java System Access Manager may allow a sub-realm administrator to escalate their privileges and access the root realm as an administrator.
04.02.2018 CVE-2009-0062
Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.
12.03.2018 Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability
Cisco Unified Communications Manager, formerly CallManager, contains a privilege escalation vulnerability in the IP Phone Personal Address Book (PAB) Synchronizer feature that may allow an attacker to gain complete administrative access to a vulnerable Cisco Unified Communications Manager system.
03.06.2018 Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation
Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation.
23.10.2018 2010-10-22 - [slackware-security] glibc (SSA:2010-295-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] glibc (SSA:2010-295-01) New glibc packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/glibc-2.11.1-i486-4_slack13.1.txz: Rebuilt. Patched "dynamic linker expands $ORIGIN in setuid library search path". This security issue allows a local attacker to gain root if they can create a hard link ...
29.10.2018 2010-10-28 - [slackware-security] glibc (SSA:2010-301-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] glibc (SSA:2010-301-01) New glibc packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/glibc-2.11.1-i486-5_slack13.1.txz: Rebuilt. Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads." This security issue allows a local attacker to gain root b...
04.12.2018 Блог: TDL4 стал использовать 0-day уязвимость!
В начале декабря экспертами Лаборатории Касперского были обнаружены экземпляры вредоносной программы TDL4 (обновление TDSS), которые используют 0-day уязвимость для повышения привилегий в системах Windows 7/2008 x86/x64 (Windows Task Scheduler Privilege Escalation, CVE: 2010-3888 ). Данная уязвимость первоначально была обнаружена Лабораторией Касперского во вредоносной программе Stuxnet.
26.10.2018 Множественные уязвимости в FreeBSD
Удаленный пользователь может раскрыть важные данные, неавторизованно изменить данные, осуществить DoS-атаку и обойти ограничения безопасности.
04.09.2018 CVE-2008-3916
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.
25.09.2018 CVE-2008-4247
ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
|
