Search
Find a vulnerability
Search criteria
2 vulnerabilities found for directcontrol by centrify
CVE-2014-7298 (GCVE-0-2014-7298)
Vulnerability from nvd – Published: 2014-10-24 10:00 – Updated: 2024-08-06 12:47
VLAI
EPSS
VEX
Summary
adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exploithub.com/centrify-data-leakage.html | x_refsource_MISC |
| http://twitter.com/travemme/statuses/525298393971564544 | x_refsource_MISC |
| http://www.centrify.com/support/announcements.asp… | x_refsource_CONFIRM |
Date Public
2014-10-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:47:32.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-24T09:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exploithub.com/centrify-data-leakage.html",
"refsource": "MISC",
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"name": "http://twitter.com/travemme/statuses/525298393971564544",
"refsource": "MISC",
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"name": "http://www.centrify.com/support/announcements.asp#20141014",
"refsource": "CONFIRM",
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7298",
"datePublished": "2014-10-24T10:00:00.000Z",
"dateReserved": "2014-10-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:47:32.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7298 (GCVE-0-2014-7298)
Vulnerability from cvelistv5 – Published: 2014-10-24 10:00 – Updated: 2024-08-06 12:47
VLAI
EPSS
VEX
Summary
adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exploithub.com/centrify-data-leakage.html | x_refsource_MISC |
| http://twitter.com/travemme/statuses/525298393971564544 | x_refsource_MISC |
| http://www.centrify.com/support/announcements.asp… | x_refsource_CONFIRM |
Date Public
2014-10-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:47:32.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-24T09:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exploithub.com/centrify-data-leakage.html",
"refsource": "MISC",
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"name": "http://twitter.com/travemme/statuses/525298393971564544",
"refsource": "MISC",
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"name": "http://www.centrify.com/support/announcements.asp#20141014",
"refsource": "CONFIRM",
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7298",
"datePublished": "2014-10-24T10:00:00.000Z",
"dateReserved": "2014-10-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:47:32.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}