cve/CVE-2015-3246.md at b9f71be413f98288ba69ffc52e91a65fc146eb2b

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 03:02:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.

POC

Reference

https://www.exploit-db.com/exploits/44633/
https://www.exploit-db.com/exploits/44633/
https://www.qualys.com/2015/07/23/cve-2015-3245-cve-2015-3246/cve-2015-3245-cve-2015-3246.txt
https://www.qualys.com/2015/07/23/cve-2015-3245-cve-2015-3246/cve-2015-3245-cve-2015-3246.txt

Github

https://github.com/ARPSyndicate/cvemon

1.0 KiB Raw Blame History

CVE-2015-3246

Description

POC

Reference

Github

1.0 KiB

Raw Blame History