A basic proof of concept (a crasher) is attached to this advisory. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation other Linux distributions are certainly vulnerable, and probably exploitable. Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. tags | exploit systems | linux, redhat, fedora advisories | CVE-2016-5425 SHA-256 | 903a0ee785179782b1e32acadddf0c0d236bad5fe9aa7a732795ae129d42f00e Download | Favorite | View Sequoia: A Deep Root In Linux's Filesystem Layer Posted Authored by Qualys Security Advisory This module was tested against Tomcat 7.0.54-3 on Fedora 21. Depending on the system in use, the execution of systemd-tmpfiles could also be triggered by other services, cronjobs, startup scripts etc. systemd-tmpfiles is executed by default on boot on RedHat-based systems through rvice. With this weak permission, you are able to inject commands into the systemd-tmpfiles service to write a cron job to execute a payload. The configuration files in tmpfiles.d are used by systemd-tmpfiles to manage temporary files including their creation. This Metasploit module exploits a vulnerability in RedHat based systems where improper file permissions are applied to /usr/lib/tmpfiles.d/nf for Apache Tomcat versions before 7.0.54-8. tags | exploit systems | linux, fedora SHA-256 | ac80117ac673973985c2dd78f43ddd88009c6d2d28c771696ceaab5aceb3f410 Download | Favorite | View Apache Tomcat Privilege Escalation Posted Authored by h00die, Dawid Golunski | Site GNOME Files version 43.4 (nautilus) on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges. GNOME Files 43.4 Privilege Escalation Posted Authored by Georgi Guninski
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |