Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for directcontrol by centrify

    CVE-2014-7298 (GCVE-0-2014-7298)

    Vulnerability from nvd – Published: 2014-10-24 10:00 – Updated: 2024-08-06 12:47
    VLAI
    Summary
    adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2014-10-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T12:47:32.152Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exploithub.com/centrify-data-leakage.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://twitter.com/travemme/statuses/525298393971564544"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.centrify.com/support/announcements.asp#20141014"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-10-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-10-24T09:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exploithub.com/centrify-data-leakage.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://twitter.com/travemme/statuses/525298393971564544"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.centrify.com/support/announcements.asp#20141014"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-7298",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exploithub.com/centrify-data-leakage.html",
                  "refsource": "MISC",
                  "url": "https://exploithub.com/centrify-data-leakage.html"
                },
                {
                  "name": "http://twitter.com/travemme/statuses/525298393971564544",
                  "refsource": "MISC",
                  "url": "http://twitter.com/travemme/statuses/525298393971564544"
                },
                {
                  "name": "http://www.centrify.com/support/announcements.asp#20141014",
                  "refsource": "CONFIRM",
                  "url": "http://www.centrify.com/support/announcements.asp#20141014"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-7298",
        "datePublished": "2014-10-24T10:00:00.000Z",
        "dateReserved": "2014-10-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T12:47:32.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-7298 (GCVE-0-2014-7298)

    Vulnerability from cvelistv5 – Published: 2014-10-24 10:00 – Updated: 2024-08-06 12:47
    VLAI
    Summary
    adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2014-10-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T12:47:32.152Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exploithub.com/centrify-data-leakage.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://twitter.com/travemme/statuses/525298393971564544"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.centrify.com/support/announcements.asp#20141014"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-10-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-10-24T09:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exploithub.com/centrify-data-leakage.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://twitter.com/travemme/statuses/525298393971564544"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.centrify.com/support/announcements.asp#20141014"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-7298",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exploithub.com/centrify-data-leakage.html",
                  "refsource": "MISC",
                  "url": "https://exploithub.com/centrify-data-leakage.html"
                },
                {
                  "name": "http://twitter.com/travemme/statuses/525298393971564544",
                  "refsource": "MISC",
                  "url": "http://twitter.com/travemme/statuses/525298393971564544"
                },
                {
                  "name": "http://www.centrify.com/support/announcements.asp#20141014",
                  "refsource": "CONFIRM",
                  "url": "http://www.centrify.com/support/announcements.asp#20141014"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-7298",
        "datePublished": "2014-10-24T10:00:00.000Z",
        "dateReserved": "2014-10-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T12:47:32.152Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }