Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rpath vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2007-0536
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.
Rpath Rpath Linux 1
7.2
CVSSv2
CVE-2005-4595
Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory.
Gentoo Nview 4.51
Gentoo Xnview 1.70
7.1
CVSSv2
CVE-2007-5962
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote malicious users to cause a denial of service (memory consumption) via a large number of CWD comm...
Redhat Enterprise Linux 5.0
Redhat Fedora 6
Redhat Fedora 7
Redhat Fedora 8
Foresight Linux Appliances
Rpath Appliance Platform Agent
3 EDB exploits
1 Github repository
6.9
CVSSv2
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
6.9
CVSSv2
CVE-2011-0536
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dyna...
Gnu Glibc 2.5-49.el5 5.6
Gnu Glibc 2.12-1.7.el6 0.3
Redhat Enterprise Linux
1 EDB exploit
6.9
CVSSv2
CVE-2010-3847
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) up to and including 2.11.2, and 2.12.x up to and including 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
4 EDB exploits
1 Github repository
6.9
CVSSv2
CVE-2008-3279
Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Mielke Brltty 3.7.2
6.9
CVSSv2
CVE-2008-4832
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: expl...
Rpath Initscripts 8.56.15-0.1
Rpath Initscripts 8.12-8.21
6.9
CVSSv2
CVE-2007-5194
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.
Rpath Rmake 1.0.11
6.5
CVSSv2
CVE-2008-2139
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate malicious users to gain privileges and maintain c...
Rpath Appliance Platform Agent 2
Rpath Appliance Platform Agent 3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »