
users, groups, DHCP settings) stored in an LDAP directory. LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. There are no known workarounds for this issue. This issue has been fixed in version 8.0. This is not a default configuration of LAM.
#Djvureader v2 0.0 27 code#
This vulnerability could lead to a Remote Code Execution if the /config/templates/pdf/ directory is accessible for remote users. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf.
#Djvureader v2 0.0 27 upgrade#
An attacker capable of writing files under Users unable to upgrade should disallow executing PHP scripts in (/var/lib/ldap-account-manager/)tmp directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of. This is only the case for LDAP search configuration. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. Net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.īottle before 0.12.20 mishandles errors during early request binding.Ī Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. desktop file on an attacker-controlled FTP server. XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a. The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This leads to a local privilege escalation on the monitored host. If such a user exists on the system, they can change the content of these files (which are then executed by root). Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will be owned by the user and the group with ID 1001. Packages created by the agent bakery (enterprise editions only) were not affected. GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.ĭrivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.Ī permission issue affects users that deployed the shipped version of the Checkmk Debian package.
