Security Hero Rotating Header Image

Escalation

Dovecot Insecure ‘base_dir’ Permissions Local Privilege Escalation Vulnerability

Vuln: Dovecot Insecure ‘base_dir’ Permissions Local Privilege Escalation Vulnerability

Dovecot Insecure ‘base_dir’ Permissions Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/37084

nilfs-utils Multiple Local Privilege Escalation Vulnerabilities

Vuln: nilfs-utils Multiple Local Privilege Escalation Vulnerabilities

nilfs-utils Multiple Local Privilege Escalation Vulnerabilities

URL: http://www.securityfocus.com/bid/35796

NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability

Vuln: NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability

NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/35740

SonicWALL Global VPN Client Local Privilege Escalation Vulnerability

Bugtraq: SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability

SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/archive/1/503832

SonicWALL Global Security Client Local Privilege Escalation Vulnerability

SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability

<!– Envelope-to: email@address Delivery-date: Tue, 26 May 2009 17:49:37 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M8zqL-0003G2-4l for email@address; Tue, 26 May 2009 17:49:37 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 4068823794B; Tue, 26 May 2009 09:57:47 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 28419 invoked from network); 26 May 2009 14:46:15 -0000 Local Privilege Escalation Vulnerability Bugtraq <bugtraq@securityfocus.com> Content-Type: text/plain; charset="UTF-8" Message-ID: <1243349183.5738.31.camel@b4byl0n> MIME-Version: 1.0 X-Mailer: Evolution 2.26.1 Content-Transfer-Encoding: quoted-printable X-IMAPbase: 1176125385 9193 Status: O X-UID: 9192 Content-Length: 2991 X-Keywords:

Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

Vuln: Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

URL: http://www.securityfocus.com/bid/35100

Microsoft validates web server vulnerability

Microsoft validates web server vulnerability

Microsoft on Tuesday confirmed the presence of a privilege-escalation vulnerability in its Internet Information Services web server — but said no exploits are underway.


URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/MRQDeMPNzOQ/

Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability

Vuln: Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability

Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/34405

Adobe Flash Media Server privilege escalation security bulletin, (Fri, May 1st)

Adobe Flash Media Server privilege escalation security bulletin, (Fri, May 1st)

>From their web site: A potential vulnerability has been identified in Flash Media Server 3.5.1 and earlier that could allow an attacker to execute remote procedures in Flash Media Interactive Server or Flash Media Streaming Server. Adobe recommends users update to the most current version of Flash Media Server (3.5.2 or 3.0.4 or greater)
Updates available to address Flash Media Server privilege escalation issue
Cheers,

Adrien de Beaupr

EWA-Canada.com

URL: http://isc.sans.org/diary.php?storyid=6307&rss

libvirt ‘libvirt_proxy.c’ Local Privilege Escalation Vulnerability

Vuln: libvirt ‘libvirt_proxy.c’ Local Privilege Escalation Vulnerability

libvirt ‘libvirt_proxy.c’ Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/33724

SLURM ‘sbcast’ and ‘strigger’ Group Permissions Local Privilege Escalation Vulnerability

Vuln: SLURM ‘sbcast’ and ‘strigger’ Group Permissions Local Privilege Escalation Vulnerability

SLURM ‘sbcast’ and ‘strigger’ Group Permissions Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/34638

DirectAdmin ‘/CMD_DB’ Restore Action Local Privilege Escalation Vulnerability

Vuln: DirectAdmin ‘/CMD_DB’ Restore Action Local Privilege Escalation Vulnerability

DirectAdmin ‘/CMD_DB’ Restore Action Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/34678

DirectAdmin lt 1.33.4 Local file overwrite amp Local root escalation

DirectAdmin lt 1.33.4 Local file overwrite amp Local root escalation

Posted by anony mous on Apr 22

Author: Anonymous
ReleaseID: d8253f15e447935c24ab38a215735931942a77717d7b55d84200d070d1e54d3b

The issue on http://www.directadmin.com/features.php?id=968 is larger than
the wording would…

URL: http://seclists.org/fulldisclosure/2009/Apr/0227.html

New slurm-llnl packages fix privilege escalation

[SECURITY] [DSA 1776-1] New slurm-llnl packages fix privilege escalation

<!– Envelope-to: email@address Delivery-date: Tue, 21 Apr 2009 17:12:57 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LwIaf-00019I-Jw for email@address; Tue, 21 Apr 2009 17:12:57 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id EA9462377B3; Tue, 21 Apr 2009 09:14:26 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 31654 invoked from network); 21 Apr 2009 10:24:24 -0000 Resent-Cc: recipient list not shown: ; Old-Return-Path: <thijs@loeki.tv> X-Original-To: lists-debian-security-announce@liszt.debian.org Delivered-To: lists-debian-security-announce@liszt.debian.org Message-Id: <20090421100231.281C1326874@morgana.loeki.tv> X-Virus-Scanned: at lists.debian.org with policy bank moderated X-Spam-Status: No, score=-9.08 tagged_above=3.6 required=5.3 tests=[BAYES_00=-2, FOURLA=0.1, FVGT_m_MULTI_ODD=0.02, IMPRONONCABLE_2=1, LDO_WHITELIST=-5, MURPHY_WRONG_WORD1=0.1, MURPHY_WRONG_WORD2=0.2, PGPSIGNATURE=-5, PHONENUMBER=1.5] X-Spam-Level: X-Debian: PGP check passed for security officers Priority: urgent Resent-Message-ID: <B8m8ywrRvqI.A.JyC.GCa7JB@liszt> Reply-To: listadmin@securityfocus.com Mail-Followup-To: bugtraq@securityfocus.com Resent-Date: Tue, 21 Apr 2009 10:31:34 +0000 (UTC) Resent-From: list@liszt.debian.org (Mailing List Manager) X-IMAPbase: 1176125385 8854 Status: O X-UID: 8854 Content-Length: 21561 X-Keywords:

New git-core packages fix privilege escalation

[SECURITY] [DSA 1777-1] New git-core packages fix privilege escalation

<!– Envelope-to: email@address Delivery-date: Tue, 21 Apr 2009 16:47:46 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LwICI-0000at-3h for email@address; Tue, 21 Apr 2009 16:47:46 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 7ABFE237733; Tue, 21 Apr 2009 09:07:51 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 31593 invoked from network); 21 Apr 2009 10:15:59 -0000 Resent-Cc: recipient list not shown: ; Old-Return-Path: <thijs@loeki.tv> X-Original-To: lists-debian-security-announce@liszt.debian.org Delivered-To: lists-debian-security-announce@liszt.debian.org X-Greylist: delayed 1229 seconds by postgrey-1.27 at liszt; Tue, 21 Apr 2009 10:23:02 UTC Message-Id: <20090421102259.36B28326AF9@morgana.loeki.tv> X-Virus-Scanned: at lists.debian.org with policy bank moderated X-Spam-Status: No, score=-10.58 tagged_above=3.6 required=5.3 tests=[BAYES_00=-2, FOURLA=0.1, FVGT_m_MULTI_ODD=0.02, IMPRONONCABLE_2=1, LDO_WHITELIST=-5, MURPHY_WRONG_WORD1=0.1, MURPHY_WRONG_WORD2=0.2, PGPSIGNATURE=-5] X-Spam-Level: X-Debian: PGP check passed for security officers Priority: urgent Resent-Message-ID: <yTB2zbFW0dK.A.yj.M6Z7JB@liszt> Reply-To: listadmin@securityfocus.com Mail-Followup-To: bugtraq@securityfocus.com Resent-Date: Tue, 21 Apr 2009 10:23:08 +0000 (UTC) Resent-From: list@liszt.debian.org (Mailing List Manager) X-IMAPbase: 1176125385 8852 Status: O X-UID: 8852 Content-Length: 10937 X-Keywords: