CVE-2024-58250: The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges
Apr 27, 2025
The passprompt plugin in the PPP project does not drop privileges permanently, leading to a potential privilege escalation under specific conditions.
Detecting insiders on GNU/Linux servers
Apr 21, 2025
Yet another auditd ruleset
CVE-2024-50306: Unchecked return value in Apache Traffic Server
Nov 17, 2024
An unchecked return value can allow Apache Traffic Server to retain privileges on startup.
Privileges relinquishing order in C
Oct 01, 2024
Dropping privileges is a common operation in programs that have the setUID and/or setGID bits set. They perform privileged operations, such as binding a socket to a low port or opening files, and then drop privileges to continue execution. However, user and group privileges have to be relinquished in a certain order; otherwise these privileges could be regained later on, allowing an attacker to escalate privileges.
set*id() functions
Linux has several system calls to relinquish privileges, either temporarily, so that they can be regained later in execution, or permanently.
...
CVE-2023-47480: unchecked return values of set*id() family functions in Puredata
Sep 26, 2024
GNU inetutils do not check return values of set*id() family functions, leading to potential privilege escalations in binaries such as ftpd or rcpd.
Linux process hollowing
Sep 07, 2024
Process injection, hollowing and stealth on Linux operating system
Windows explorer restrictions bypasses - filesystem access
Apr 08, 2024
Explaining and bypassing some Windows explorer restrictions.
CVE-2023-40303: unchecked return values of set*id() family functions in GNU inetutils
Aug 14, 2023
GNU inetutils do not check return values of set*id() family functions, leading to potential privilege escalations in binaries such as ftpd or rcpd.
On checking set*id() return values
Jul 26, 2023
If set*id() syscalls' return values are not checked, it can cause security issues such as privilege escalation.
CVE-2023-38336: Command injection in netkit-rcp
Jul 18, 2023
Netkit-rcp is vulnerable to a command injection in filenames used as copy arguments.