Security Hero » Escalation http://sechero.com If it's about security, you heard it here first Mon, 12 Jul 2010 23:27:38 +0000 en hourly 1 Dovecot Insecure ‘base_dir’ Permissions Local Privilege Escalation Vulnerability http://sechero.com/dovecot-insecure-base_dir-permissions-local-privilege-escalation-vulnerability/ http://sechero.com/dovecot-insecure-base_dir-permissions-local-privilege-escalation-vulnerability/#comments Mon, 30 Nov 2009 22:29:50 +0000 invalid string http://sechero.com/?p=21015 Vuln: Dovecot Insecure ‘base_dir’ Permissions Local Privilege Escalation Vulnerability

Dovecot Insecure ‘base_dir’ Permissions Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/37084

]]> http://sechero.com/dovecot-insecure-base_dir-permissions-local-privilege-escalation-vulnerability/feed/ 0 nilfs-utils Multiple Local Privilege Escalation Vulnerabilities http://sechero.com/nilfs-utils-multiple-local-privilege-escalation-vulnerabilities/ http://sechero.com/nilfs-utils-multiple-local-privilege-escalation-vulnerabilities/#comments Tue, 28 Jul 2009 01:48:36 +0000 invalid string http://sechero.com/?p=20941 Vuln: nilfs-utils Multiple Local Privilege Escalation Vulnerabilities

nilfs-utils Multiple Local Privilege Escalation Vulnerabilities

URL: http://www.securityfocus.com/bid/35796

]]> http://sechero.com/nilfs-utils-multiple-local-privilege-escalation-vulnerabilities/feed/ 0 NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability http://sechero.com/nos-getplus-download-manager-insecure-file-permissions-local-privilege-escalation-vulnerability/ http://sechero.com/nos-getplus-download-manager-insecure-file-permissions-local-privilege-escalation-vulnerability/#comments Tue, 21 Jul 2009 19:47:58 +0000 invalid string http://sechero.com/?p=20851 Vuln: NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability

NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/35740

]]> http://sechero.com/nos-getplus-download-manager-insecure-file-permissions-local-privilege-escalation-vulnerability/feed/ 0 SonicWALL Global VPN Client Local Privilege Escalation Vulnerability http://sechero.com/sonicwall-global-vpn-client-local-privilege-escalation-vulnerability/ http://sechero.com/sonicwall-global-vpn-client-local-privilege-escalation-vulnerability/#comments Tue, 26 May 2009 18:44:54 +0000 invalid string

Bugtraq: SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability

SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/archive/1/503832

]]> http://sechero.com/sonicwall-global-vpn-client-local-privilege-escalation-vulnerability/feed/ 0 SonicWALL Global Security Client Local Privilege Escalation Vulnerability http://sechero.com/sonicwall-global-security-client-local-privilege-escalation-vulnerability/ http://sechero.com/sonicwall-global-security-client-local-privilege-escalation-vulnerability/#comments Tue, 26 May 2009 16:50:01 +0000 invalid string

SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability

<!– Envelope-to: email@address Delivery-date: Tue, 26 May 2009 17:49:37 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M8zqL-0003G2-4l for email@address; Tue, 26 May 2009 17:49:37 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 4068823794B; Tue, 26 May 2009 09:57:47 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 28419 invoked from network); 26 May 2009 14:46:15 -0000 Local Privilege Escalation Vulnerability Bugtraq <bugtraq@securityfocus.com> Content-Type: text/plain; charset="UTF-8" Message-ID: <1243349183.5738.31.camel@b4byl0n> MIME-Version: 1.0 X-Mailer: Evolution 2.26.1 Content-Transfer-Encoding: quoted-printable X-IMAPbase: 1176125385 9193 Status: O X-UID: 9192 Content-Length: 2991 X-Keywords:

]]> http://sechero.com/sonicwall-global-security-client-local-privilege-escalation-vulnerability/feed/ 0 Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities http://sechero.com/multiple-arcabit-arcavir-products-multiple-ioctl-request-local-privilege-escalation-vulnerabilities/ http://sechero.com/multiple-arcabit-arcavir-products-multiple-ioctl-request-local-privilege-escalation-vulnerabilities/#comments Tue, 26 May 2009 00:00:00 +0000 invalid string

Vuln: Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

URL: http://www.securityfocus.com/bid/35100

]]> http://sechero.com/multiple-arcabit-arcavir-products-multiple-ioctl-request-local-privilege-escalation-vulnerabilities/feed/ 0 Microsoft validates web server vulnerability http://sechero.com/microsoft-validates-web-server-vulnerability/ http://sechero.com/microsoft-validates-web-server-vulnerability/#comments Tue, 19 May 2009 11:50:04 +0000 invalid string

Microsoft validates web server vulnerability

Microsoft on Tuesday confirmed the presence of a privilege-escalation vulnerability in its Internet Information Services web server — but said no exploits are underway.


URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/MRQDeMPNzOQ/

]]> http://sechero.com/microsoft-validates-web-server-vulnerability/feed/ 0 Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability http://sechero.com/linux-kernel-exit_notify-cap_kill-verification-local-privilege-escalation-vulnerability/ http://sechero.com/linux-kernel-exit_notify-cap_kill-verification-local-privilege-escalation-vulnerability/#comments Tue, 19 May 2009 00:00:00 +0000 invalid string

Vuln: Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability

Linux Kernel ‘exit_notify()’ CAP_KILL Verification Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/34405

]]> http://sechero.com/linux-kernel-exit_notify-cap_kill-verification-local-privilege-escalation-vulnerability/feed/ 0 Adobe Flash Media Server privilege escalation security bulletin, (Fri, May 1st) http://sechero.com/adobe-flash-media-server-privilege-escalation-security-bulletin-fri-may-1st/ http://sechero.com/adobe-flash-media-server-privilege-escalation-security-bulletin-fri-may-1st/#comments Fri, 01 May 2009 15:32:07 +0000 invalid string

Adobe Flash Media Server privilege escalation security bulletin, (Fri, May 1st)

>From their web site: A potential vulnerability has been identified in Flash Media Server 3.5.1 and earlier that could allow an attacker to execute remote procedures in Flash Media Interactive Server or Flash Media Streaming Server. Adobe recommends users update to the most current version of Flash Media Server (3.5.2 or 3.0.4 or greater)
Updates available to address Flash Media Server privilege escalation issue
Cheers,

Adrien de Beaupr

EWA-Canada.com

URL: http://isc.sans.org/diary.php?storyid=6307&rss

]]> http://sechero.com/adobe-flash-media-server-privilege-escalation-security-bulletin-fri-may-1st/feed/ 0 libvirt ‘libvirt_proxy.c’ Local Privilege Escalation Vulnerability http://sechero.com/libvirt-libvirt_proxyc-local-privilege-escalation-vulnerability/ http://sechero.com/libvirt-libvirt_proxyc-local-privilege-escalation-vulnerability/#comments Mon, 27 Apr 2009 00:00:00 +0000 invalid string

Vuln: libvirt ‘libvirt_proxy.c’ Local Privilege Escalation Vulnerability

libvirt ‘libvirt_proxy.c’ Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/33724

]]> http://sechero.com/libvirt-libvirt_proxyc-local-privilege-escalation-vulnerability/feed/ 0 SLURM ‘sbcast’ and ‘strigger’ Group Permissions Local Privilege Escalation Vulnerability http://sechero.com/slurm-sbcast-and-strigger-group-permissions-local-privilege-escalation-vulnerability/ http://sechero.com/slurm-sbcast-and-strigger-group-permissions-local-privilege-escalation-vulnerability/#comments Thu, 23 Apr 2009 00:00:00 +0000 invalid string http://sechero.com/slurm-sbcast-and-strigger-group-permissions-local-privilege-escalation-vulnerability/

Vuln: SLURM ‘sbcast’ and ‘strigger’ Group Permissions Local Privilege Escalation Vulnerability

SLURM ‘sbcast’ and ‘strigger’ Group Permissions Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/34638

]]> http://sechero.com/slurm-sbcast-and-strigger-group-permissions-local-privilege-escalation-vulnerability/feed/ 0 DirectAdmin ‘/CMD_DB’ Restore Action Local Privilege Escalation Vulnerability http://sechero.com/directadmin-cmd_db-restore-action-local-privilege-escalation-vulnerability/ http://sechero.com/directadmin-cmd_db-restore-action-local-privilege-escalation-vulnerability/#comments Thu, 23 Apr 2009 00:00:00 +0000 invalid string http://sechero.com/directadmin-cmd_db-restore-action-local-privilege-escalation-vulnerability/

Vuln: DirectAdmin ‘/CMD_DB’ Restore Action Local Privilege Escalation Vulnerability

DirectAdmin ‘/CMD_DB’ Restore Action Local Privilege Escalation Vulnerability

URL: http://www.securityfocus.com/bid/34678

]]> http://sechero.com/directadmin-cmd_db-restore-action-local-privilege-escalation-vulnerability/feed/ 0 DirectAdmin lt 1.33.4 Local file overwrite amp Local root escalation http://sechero.com/directadmin-lt-1334-local-file-overwrite-amp-local-root-escalation/ http://sechero.com/directadmin-lt-1334-local-file-overwrite-amp-local-root-escalation/#comments Wed, 22 Apr 2009 10:34:45 +0000 invalid string http://sechero.com/directadmin-lt-1334-local-file-overwrite-amp-local-root-escalation/

DirectAdmin lt 1.33.4 Local file overwrite amp Local root escalation

Posted by anony mous on Apr 22

Author: Anonymous
ReleaseID: d8253f15e447935c24ab38a215735931942a77717d7b55d84200d070d1e54d3b

The issue on www.directadmin.com/features.php?id=968 is larger than
the wording would…

URL: http://seclists.org/fulldisclosure/2009/Apr/0227.html

]]> http://sechero.com/directadmin-lt-1334-local-file-overwrite-amp-local-root-escalation/feed/ 0 New slurm-llnl packages fix privilege escalation http://sechero.com/new-slurm-llnl-packages-fix-privilege-escalation-2/ http://sechero.com/new-slurm-llnl-packages-fix-privilege-escalation-2/#comments Tue, 21 Apr 2009 16:20:01 +0000 invalid string http://sechero.com/new-slurm-llnl-packages-fix-privilege-escalation-2/

[SECURITY] [DSA 1776-1] New slurm-llnl packages fix privilege escalation

<!– Envelope-to: email@address Delivery-date: Tue, 21 Apr 2009 17:12:57 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LwIaf-00019I-Jw for email@address; Tue, 21 Apr 2009 17:12:57 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id EA9462377B3; Tue, 21 Apr 2009 09:14:26 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 31654 invoked from network); 21 Apr 2009 10:24:24 -0000 Resent-Cc: recipient list not shown: ; Old-Return-Path: <thijs@loeki.tv> X-Original-To: lists-debian-security-announce@liszt.debian.org Delivered-To: lists-debian-security-announce@liszt.debian.org Message-Id: <20090421100231.281C1326874@morgana.loeki.tv> X-Virus-Scanned: at lists.debian.org with policy bank moderated X-Spam-Status: No, score=-9.08 tagged_above=3.6 required=5.3 tests=[BAYES_00=-2, FOURLA=0.1, FVGT_m_MULTI_ODD=0.02, IMPRONONCABLE_2=1, LDO_WHITELIST=-5, MURPHY_WRONG_WORD1=0.1, MURPHY_WRONG_WORD2=0.2, PGPSIGNATURE=-5, PHONENUMBER=1.5] X-Spam-Level: X-Debian: PGP check passed for security officers Priority: urgent Resent-Message-ID: <B8m8ywrRvqI.A.JyC.GCa7JB@liszt> Reply-To: listadmin@securityfocus.com Mail-Followup-To: bugtraq@securityfocus.com Resent-Date: Tue, 21 Apr 2009 10:31:34 +0000 (UTC) Resent-From: list@liszt.debian.org (Mailing List Manager) X-IMAPbase: 1176125385 8854 Status: O X-UID: 8854 Content-Length: 21561 X-Keywords:

]]> http://sechero.com/new-slurm-llnl-packages-fix-privilege-escalation-2/feed/ 0 New git-core packages fix privilege escalation http://sechero.com/new-git-core-packages-fix-privilege-escalation-2/ http://sechero.com/new-git-core-packages-fix-privilege-escalation-2/#comments Tue, 21 Apr 2009 15:50:01 +0000 invalid string

[SECURITY] [DSA 1777-1] New git-core packages fix privilege escalation

<!– Envelope-to: email@address Delivery-date: Tue, 21 Apr 2009 16:47:46 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LwICI-0000at-3h for email@address; Tue, 21 Apr 2009 16:47:46 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id 7ABFE237733; Tue, 21 Apr 2009 09:07:51 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 31593 invoked from network); 21 Apr 2009 10:15:59 -0000 Resent-Cc: recipient list not shown: ; Old-Return-Path: <thijs@loeki.tv> X-Original-To: lists-debian-security-announce@liszt.debian.org Delivered-To: lists-debian-security-announce@liszt.debian.org X-Greylist: delayed 1229 seconds by postgrey-1.27 at liszt; Tue, 21 Apr 2009 10:23:02 UTC Message-Id: <20090421102259.36B28326AF9@morgana.loeki.tv> X-Virus-Scanned: at lists.debian.org with policy bank moderated X-Spam-Status: No, score=-10.58 tagged_above=3.6 required=5.3 tests=[BAYES_00=-2, FOURLA=0.1, FVGT_m_MULTI_ODD=0.02, IMPRONONCABLE_2=1, LDO_WHITELIST=-5, MURPHY_WRONG_WORD1=0.1, MURPHY_WRONG_WORD2=0.2, PGPSIGNATURE=-5] X-Spam-Level: X-Debian: PGP check passed for security officers Priority: urgent Resent-Message-ID: <yTB2zbFW0dK.A.yj.M6Z7JB@liszt> Reply-To: listadmin@securityfocus.com Mail-Followup-To: bugtraq@securityfocus.com Resent-Date: Tue, 21 Apr 2009 10:23:08 +0000 (UTC) Resent-From: list@liszt.debian.org (Mailing List Manager) X-IMAPbase: 1176125385 8852 Status: O X-UID: 8852 Content-Length: 10937 X-Keywords:

]]> http://sechero.com/new-git-core-packages-fix-privilege-escalation-2/feed/ 0