CVE-2005-4890 (debian_linux, enterprise_linux, shadow, sudo)

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su – user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

View Full Alert

CVE-2014-3675 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_tus, enterprise_linux_workstation, shim)
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. View Full Alert
CVE-2014-3675 (enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_server_tus, enterprise_linux_workstation, shim)
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. View Full Alert
CVE-2019-10182 (enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_workstation, icedtea-web)
It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially…

Related Posts