Packet Storm

exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

systemd DynamicUser SetUID Binary Creation: Posted Apr 25, 2019; Authored by Jann Horn, Google Security Research; This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the service. This bug probably has relatively low severity, given that there are not many services yet that use DynamicUser, and the requirement of collaboration with another process limits the circumstances in which it would be useful to an attacker further; but in a system that makes heavy use of DynamicUser, it would probably have impact.; tags | exploit; advisories | CVE-2019-3844; SHA-256 | 064bbdd76f48df03346ba02e71f7b8230c92792ac615692d64f9d04ec97b425c; Download | Favorite | View

Related Files

No related files

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 56 files
Debian 19 files
LiquidWorm 18 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Chokri Hammedi 3 files
Alter Prime 3 files
Valentin Lobstein 2 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,937)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,979)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec