Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2016-2781

Description

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

POC

Reference

No PoCs from references.

Github

- https://github.com/0xDeCA10B/attackfinder

- https://github.com/ARPSyndicate/cvemon

- https://github.com/CodingSimia/jenkins-shiftleft

- https://github.com/Dariani223/DevOpsFinal

- https://github.com/Frannc0/test2

- https://github.com/GrigGM/05-virt-04-docker-hw

- https://github.com/Myash-New/05-virt-04-docker-in-practice

- https://github.com/NeXTLinux/griffon

- https://github.com/NeXTLinux/vunnel

- https://github.com/PajakAlexandre/wik-dps-tp02

- https://github.com/Telooss/TP-WIK-DPS-TP02

- https://github.com/Thaeimos/aws-eks-image

- https://github.com/VAN-ALLY/Anchore

- https://github.com/actions-marketplace-validations/phonito_phonito-scanner-action

- https://github.com/adegoodyer/kubernetes-admin-toolkit

- https://github.com/adegoodyer/ubuntu

- https://github.com/ailispaw/clair-barge

- https://github.com/anchore/grype

- https://github.com/anchore/vunnel

- https://github.com/aymankhder/scanner-for-container

- https://github.com/brandoncamenisch/release-the-code-litecoin

- https://github.com/cdupuis/image-api

- https://github.com/devopstales/trivy-operator

- https://github.com/dispera/giant-squid

- https://github.com/domyrtille/interview_project

- https://github.com/drewtwitchell/scancompare

- https://github.com/epequeno/devops-demo

- https://github.com/equinor/radix-image-scanner

- https://github.com/flexiondotorg/CNCF-02

- https://github.com/flyrev/security-scan-ci-presentation

- https://github.com/fokypoky/places-list

- https://github.com/garethr/findcve

- https://github.com/garethr/snykout

- https://github.com/gp47/xef-scan-ex02

- https://github.com/hartwork/antijack

- https://github.com/khulnasoft-lab/vulnlist

- https://github.com/khulnasoft-labs/griffon

- https://github.com/m-pasima/CI-CD-Security-image-scan

- https://github.com/metapull/attackfinder

- https://github.com/mmbazm/secure_license_server

- https://github.com/nedenwalker/spring-boot-app-using-gradle

- https://github.com/nedenwalker/spring-boot-app-with-log4j-vuln

- https://github.com/onzack/trivy-multiscanner

- https://github.com/phonito/phonito-scanner-action

- https://github.com/poikl246/DevSecOps-2024-v2

- https://github.com/renovate-bot/NeXTLinux-_-vunnel

- https://github.com/step-security-bot/griffon

- https://github.com/tamboliv10/GitCode-Vulnerability-Scanner-OSS---Security-

- https://github.com/tl87/container-scanner

- https://github.com/vissu99/grype-0.70.0

- https://github.com/x9nico/Exam_Docker

- https://github.com/yeforriak/snyk-to-cve

- https://github.com/yfoelling/yair

- https://github.com/z4ng1ew/Trivy-Flask-App-With-Bandit-TruffleHog