CVE-2023-26604

Published: 03/03/2023 Updated: 07/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

systemd prior to 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.
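A defender-side audit for the condition described above, as an added example (not code from this page or from the systemd project): it lists sudoers rules that grant `systemctl` on a host whose systemd major version is below 247. The sample sudoers text, the user names and the function names are constructed for illustration; `NOEXEC` is the sudoers tag that stops a command from executing further programs.

```python
import re

FIXED_IN = 247  # the summary above: systemd "prior to 247" is affected

# Constructed sample sudoers content, not taken from a real host.
SAMPLE_SUDOERS = """\
# constructed sample
Defaults env_reset
alice ALL=(root) NOPASSWD: /usr/bin/systemctl status nginx.service
bob   ALL=(root) NOEXEC: /usr/bin/systemctl status \\
      sshd.service
carol ALL=(root) /usr/bin/journalctl -u nginx
"""

def systemd_major(version_output):
    """Major version from the first line of `systemctl --version`."""
    m = re.match(r"\s*systemd\s+(\d+)", version_output)
    return int(m.group(1)) if m else None

def systemctl_rules(sudoers_text):
    """Return (rule, has_noexec) for each sudoers rule that grants systemctl."""
    joined = re.sub(r"\\\n", " ", sudoers_text)  # undo line continuations
    found = []
    for raw in joined.splitlines():
        line = " ".join(raw.split())  # normalise whitespace
        if not line or line.startswith("#") or line.startswith("Defaults"):
            continue
        if re.search(r"(?:^|[\s/])systemctl(?=[\s,]|$)", line):
            found.append((line, bool(re.search(r"\bNOEXEC\s*:", line))))
    return found

def audit(sudoers_text, version_output):
    """List systemctl grants on a host whose systemd predates the fix."""
    major = systemd_major(version_output)
    if major is not None and major >= FIXED_IN:
        return []
    # Unknown version is treated as unfixed so the rules still get reviewed.
    return [{"rule": r, "noexec": n, "systemd": major}
            for r, n in systemctl_rules(sudoers_text)]

if __name__ == "__main__":
    for finding in audit(SAMPLE_SUDOERS, "systemd 245 (245.4-4ubuntu3.20)"):
        print(finding)
```

The version comparison is a heuristic: distribution packages can carry the fix under an older version number, so confirm against the vendor advisory for the installed package. Rules reported with `noexec` set to `False` are the ones to review first.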

Vulnerable Product

systemd project systemd

Vendor Advisories

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when ...
Description: A vulnerability was found in the systemd package. The systemd package does not adequately block local privilege escalation for some Sudo configurations, for example, plausible sudoers files, in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be l ...
Synopsis Moderate: Red Hat OpenShift Dev Spaces Security Update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 371 release is ...
Synopsis Moderate: systemd security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as ...
Synopsis Moderate: Migration Toolkit for Containers (MTC) 1711 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 1711 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis Moderate: Migration Toolkit for Containers (MTC) 1712 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 1712 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis Moderate: Red Hat OpenShift Service Mesh Containers for 241 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Service Mesh 241 Containers. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Synopsis Moderate: Red Hat OpenShift Service Mesh Containers for 235 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Service Mesh 235 Containers. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Synopsis Moderate: Red Hat OpenShift Service Mesh 228 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Service Mesh 228. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...
Synopsis Moderate: Logging Subsystem 573 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Logging Subsystem 573. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis Important: OpenShift Virtualization 4125 security and bug fix update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 4125 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security imp ...
Synopsis Important: Self Node Remediation Operator 051 security update Type/Severity Security Advisory: Important Topic This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Commo ...
Synopsis Moderate: VolSync 073 security fixes and enhancements Type/Severity Security Advisory: Moderate Topic VolSync v073 enhancements and security fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...
Synopsis Moderate: Red Hat OpenShift Data Foundation 4119 security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4119 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update ...
Synopsis Moderate: VolSync 054 security fixes and enhancements Type/Severity Security Advisory: Moderate Topic VolSync v054 security fixes and enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...
Synopsis Important: OpenShift API for Data Protection (OADP) 1011 security and bug fix update Type/Severity Security Advisory: Important Topic OpenShift API for Data Protection (OADP) 1011 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) b ...
Synopsis Moderate: Red Hat OpenShift Data Foundation 41014 security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 41014 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this upda ...
Synopsis Moderate: Red Hat OpenShift Data Foundation 4125 security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4125 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this upda ...
Synopsis Moderate: Secondary Scheduler Operator for Red Hat OpenShift 112 security update Type/Severity Security Advisory: Moderate Topic Secondary Scheduler Operator for Red Hat OpenShift 112. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, whi ...
Synopsis Moderate: DevWorkspace Operator Security Update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat DevWorkspace Operator. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rat ...
Synopsis Moderate: VolSync 063 security fixes and enhancements Type/Severity Security Advisory: Moderate Topic VolSync v063 security fixes and enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Synopsis Moderate: Gatekeeper Operator v02 security fixes and enhancements Type/Severity Security Advisory: Moderate Topic Gatekeeper Operator v02 security fixes and enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis Moderate: Release of OpenShift Serverless 1291 Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Serverless version 1291 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis Moderate: Red Hat OpenShift support for Windows Containers 601 [security update] Type/Severity Security Advisory: Moderate Topic The components for Red Hat OpenShift support for Windows Containers 601 are now available. This product release includes bug fixes and security update for the following packages: windows-machine-config-o ...
Synopsis Moderate: ACS 41 enhancement and security update Type/Severity Security Advisory: Moderate Topic Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulner ...
Synopsis Moderate: OpenShift sandboxed containers 141 security update Type/Severity Security Advisory: Moderate Topic OpenShift sandboxed containers 141 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed seve ...

Exploits

systemd version 246 suffers from a local root privilege escalation vulnerability ...

Github Repositories

Checker for CVE-2023-26604

CVE-2023-26604 Checker for CVE-2023-26604

This is my own basic proof of concept for the CVE-2023-1326 vulnerability

CVE-2023-1326 A proof of concept for CVE-2023–1326 in apport-cli 2260 This vulnerability is privilege escalation in apport-cli 2260, similar to CVE-2023–26604, this vulnerability only works if assign in sudoers: A privilege escalation attack was found in apport-cli 2260 and earlier which is similar to CVE-2023-26604 If a system is specially configured to all

This repository contains a detailed step-by-step guide on how I solved the "Sau" machine on Hack The Box. My goal is to provide both cybersecurity enthusiasts and professionals with a useful, educational reference they can follow to understand and replicate the solution process.

HackTheBox Sau Walkthrough. This document provides a detailed walkthrough for compromising the Sau machine on HackTheBox, highlighting the key techniques and tools used at each stage. Table of Contents: Introduction, Reconnaissance, Exploitation, SSRF Exploitation in Request-Baskets, Exploiting Maltrail, Post-Exploitation, Co

F5 Week 9 Live Exploit: github.com/FerdiGul/POC/tree/main/CVE-2023-26604

A proof of concept for CVE-2023–1326 in apport-cli 2.26.0

CVE-2023-1326-PoC A proof of concept for CVE-2023–1326 in apport-cli 2260 This vulnerability is privilege escalation in apport-cli 2260, similar to CVE-2023–26604, this vulnerability only works if assign in sudoers: A privilege escalation attack was found in apport-cli 2260 and earlier which is similar to CVE-2023-26604 If a system is specially configured to

CVE-2023-1326 A proof of concept for CVE-2023–1326 in apport-cli 2260 This vulnerability is privilege escalation in apport-cli 2260, similar to CVE-2023–26604, this vulnerability only works if assign in sudoers: A privilege escalation attack was found in apport-cli 2260 and earlier which is similar to CVE-2023-26604 If a system is specially configured to all