{"vulnerability": "CVE-2019-14287", "sightings": [{"uuid": "6ea27091-3cb9-484d-bbf7-1095bf249720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://gist.github.com/tradebot-elastic/0443cfb5016bed103f1940b2f336e45a", "content": "", "creation_timestamp": "2025-01-09T15:31:50.000000Z"}, {"uuid": "2b75a959-c296-4234-8309-753adf825dbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/1108", "content": "\ud83d\udd0e \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2019-14287 (sudo) \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Sysdig Falco: https://sysdig.com/blog/detecting-cve-2019-14287/\n\n\ud83d\udcd7 \u041d\u0430 \u0441\u0430\u043c Falco, \u043c\u044b \u0441 \u0432\u0430\u043c\u0438 \u0441\u043c\u043e\u0442\u0440\u0435\u043b\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u044d\u0442\u043e\u0439 \u0437\u0430\u043c\u0435\u0442\u043a\u0438: https://sysadmin.pm/sysdig-falco/\n\n#sysdig #falco #security", "creation_timestamp": "2019-10-17T09:16:32.000000Z"}, {"uuid": "a5fdb424-92bf-45e1-b033-f16e885f6f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2019-14287", "type": "seen", "source": "https://bsky.app/profile/flarestart.bsky.social/post/3mfktyzdzmu24", "content": "", "creation_timestamp": "2026-02-23T23:54:32.055805Z"}, {"uuid": "bdae9171-735d-4ae9-b594-1dfbe695f0f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/antichat/6786", "content": "How to detect CVE-2019-14287 using Falco\nhttps://sysdig.com/blog/detecting-cve-2019-14287/", "creation_timestamp": "2019-10-16T22:00:47.000000Z"}, {"uuid": "69b87dcb-60d4-44dc-9164-01c2c8cb5720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://bsky.app/profile/aptgame.bsky.social/post/3lgnphz6jqk2l", "content": "", "creation_timestamp": "2025-01-26T15:10:26.890329Z"}, {"uuid": "0c1d565a-537d-4410-b37c-1b9faa74f2f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://gist.github.com/Metis-Intel/b94dbfe682c0d50d18e127d4891208cb", "content": "", "creation_timestamp": "2025-12-16T03:39:35.000000Z"}, {"uuid": "591fa1a5-bd82-43f2-84e5-02010141f639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "published-proof-of-concept", "source": "Telegram/i724dyswVXMowZfrYp7d_zckzTfB5Kjt1pPkqu_GXPc1QA0", "content": "", "creation_timestamp": "2026-04-25T21:00:05.000000Z"}, {"uuid": "cfb7b3aa-e3bc-4dec-a28c-383182f6080d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/HackerOne/2531", "content": "Potential bypass of Runas user restrictions\n\nRelease Date:\nOctober 14, 2019\nSummary:\nWhen sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.\n\nThis can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification.\n\n@ctfplay\nLog entries for commands run this way will list the target user as 4294967295 instead of root. In addition, PAM session modules will not be run for the command.\nSudo versions affected:\nSudo versions prior to 1.8.28 are affected.\nCVE ID:\nThis vulnerability has been assigned CVE-2019-14287 in the Common Vulnerabilities and Exposures database. \n\nRef:\nhttps://www.sudo.ws/alerts/minus_1_uid.html\nhttps://access.redhat.com/security/cve/cve-2019-14287\n#News\n#Linux\n@ctfplay", "creation_timestamp": "2019-10-16T09:13:34.000000Z"}, {"uuid": "5985a84f-8229-4e42-ad09-19f0b9d27abf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "published-proof-of-concept", "source": "https://t.me/w2hack/294", "content": "\u0414\u0440\u0443\u0437\u044c\u044f, \u043c\u0435\u043d\u044f \u0434\u043e\u043b\u0433\u043e \u043d\u0435 \u0431\u044b\u043b\u043e \u0432 \u044d\u0444\u0438\u0440\u0435, \u044f \u0443\u0435\u0437\u0436\u0430\u043b \u0432 \u043e\u0442\u043f\u0443\u0441\u043a \u0438 \u0432\u043e\u0442 \u0442\u0435\u043f\u0435\u0440\u044c \u0441\u043d\u043e\u0432\u0430 \u0441 \u0432\u0430\u043c\u0438, \u0430 \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0430\u043a\u043e\u043f\u0438\u043b\u043e\u0441\u044c \u043d\u0435 \u043c\u0430\u043b\u043e \u0433\u0443\u0434\u043d\u044b\u0445 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044f\u0448\u0435\u043a.  \u0418 \u0442\u0430\u043a \u043e\u0431\u0437\u043e\u0440 \u0441\u0432\u0435\u0436\u0435\u0447\u043a\u0430 \u0438 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u0449\u0438\u043d\u044b \u043d\u0430 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0443 \u043e\u0441\u0435\u043d\u0438 2019.\n\n\u041d\u041e\u0412\u041e\u0421\u0422\u0418\n\n\u0414\u0443\u043c\u0430\u0435\u0448\u044c \u0432 \u0426\u0420\u0423 \u043e\u0434\u043d\u0438 \u0434\u0435\u0431\u0438\u043b\u044b \u043a\u0430\u043a \u043d\u0430\u043c \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0412\u043e\u043b\u043e\u0434\u044f \u0441 \u0442\u0435\u043b\u0435\u0432\u0438\u0437\u043e\u0440\u0430? K.G.B. \u043e\u0431\u043e\u0441\u0440\u0430\u043b\u043e\u0441\u044c \u043d\u0435 \u043c\u0435\u043d\u044c\u0448\u0435, \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0430\u044f \u0443\u0442\u0435\u0447\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0421\u041e\u0420\u041c, \u0438\u0445 \u0432\u0430\u0441\u0441\u0430\u043b \u041c\u0422\u0421 \u043b\u044c\u0435\u0442 \u0432\u0441\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0447\u0442\u043e \u0435\u0441\u0442\u044c \u0432 \u0426\u041e\u0414\u0430\u0445.  \u0417\u0430 \u043d\u0438\u043c\u0438 \u0436\u0438\u0434\u043a\u043e \u043e\u0431\u0434\u0435\u043b\u0430\u043b\u0430\u0441\u044c \u0420\u0416\u0414. \u0410 \u0442\u044b \u0434\u0443\u043c\u0430\u043b \u0432\u0441\u0435 \u0445\u043e\u0440\u043e\u0448\u043e?)) \n[Rus] https://www.the-village.ru/village/city/situation/362497-mts-sorm\n[Rus] https://habr.com/ru/news/t/465053/\n[Eng] https://www.upguard.com/breaches/mts-nokia-telecom-inventory-data-exposure#spreadsheets\n[Rus] https://thebell.io/gosudarstvo-otkrytogo-dostupa-dannye-rossiyan-utekli-cherez-sajt-rzhd-i-sistemu-sorm/\n\n\u0425\u043e\u0447\u0435\u0448\u044c \u0441\u0442\u0430\u0442\u044c \u0431\u043e\u0433\u043e\u043c, \u043d\u043e \u043d\u0435 \u0437\u043d\u0430\u0435\u0448\u044c \u043a\u0430\u043a!? \u0336\u041e\u0336\u0445\u0336\u0443\u0336\u0438\u0336\u0442\u0336\u0435\u0336\u043b\u0336\u044c\u0336\u043d\u0336\u0430\u0336\u044f\u0336  \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 sudo (CVE-2019-14287). \u041f\u043e\u0438\u043c\u0435\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441\u0442\u0430\u043b\u043e \u0435\u0449\u0435 \u043f\u0440\u043e\u0449\u0435 \u2013 \u043f\u0435\u043d-\u0442\u0435\u0441\u0442\u0435\u0440\u0430\u043c \u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\ud83d\ude0a \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443!\n[News] https://www.securitylab.ru/news/501759.php\n[YouTube] https://www.youtube.com/watch?v=btUf1O7lQmY\n\n\u0421\u043f\u0443\u0441\u0442\u044f \u043c\u043d\u043e\u0433\u043e \u043b\u0435\u0442 \u044d\u043d\u0442\u0443\u0437\u0438\u0430\u0441\u0442\u044b  \u0336\u043f\u0336\u043e\u0336\u0434\u0336\u043b\u0336\u043e\u0336\u043c\u0336\u0430\u0336\u043b\u0336\u0438\u0336  \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u0438 \u043e\u0442\u0446\u043e\u0432-\u043e\u0441\u043d\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Unix - \u0411\u0440\u0430\u0439\u043d\u0430 \u041a\u0435\u0440\u043d\u0438\u0433\u0430\u043d\u0430 \u0438 \u041a\u0435\u043d\u0430 \u0422\u043e\u043c\u043f\u0441\u043e\u043d\u0430, \u0438 \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u0442\u0430\u043c.. \u0432\u043e\u043e\u0431\u0449\u0435\u043c \u0432\u044b\u0432\u043e\u0434\u044b \u0434\u0435\u043b\u0430\u0439\u0442\u0435 \u0441\u0430\u043c\u0438!\n[Rus] https://devsday.ru/blog/details/968\n\n\u041b\u0438\u043d\u0443\u0441 \u0422\u043e\u0440\u0432\u0430\u043b\u044c\u0434\u0441, \u043e\u0442\u0435\u0446-\u043e\u0441\u043d\u043e\u0432\u0430\u0442\u0435\u043b\u044c Linux  \u0336\u043d\u0336\u0430\u0336\u0434\u0336\u0430\u0336\u0432\u0336\u0430\u0336\u043b\u0336 \u0336\u043b\u0336\u0430\u0336\u0434\u0336\u043e\u0336\u0448\u0336\u043a\u0336\u043e\u0336\u0439\u0336 \u0336\u043f\u0336\u043e\u0336 \u0336\u0433\u0336\u0443\u0336\u0431\u0336\u0430\u0336\u043c\u0336 \u0336  \u0437\u0430\u0442\u044f\u0433\u0438\u0432\u0430\u0435\u0442 \u0433\u0430\u0439\u043a\u0438 \u0432 \u0446\u0435\u043b\u044f\u0445 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0444\u0438\u0447\u0430 LockDown \u0432 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438  \u044f\u0434\u0440\u0430 5.4\n[Web] https://habr.com/ru/news/t/470249/\n\n\u041a\u043e\u0433\u0434\u0430-\u0442\u043e Kaspersky Free \u0431\u044b\u043b \u043d\u0435 \u043f\u043b\u043e\u0445\u0438\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u043c, \u0440\u0435\u0430\u043b\u044c\u043d\u0430\u044f \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u0430 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c \u0434\u043b\u044f \u0434\u043e\u043c\u0430\u0448\u043d\u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f.. \u0421\u0435\u0439\u0447\u0430\u0441 \u044d\u0442\u043e \u043a\u0430\u043a\u0430\u044f \u0336 \u0336\u0445\u0336\u0443\u0336\u0439\u0336\u043d\u0336\u044f\u0336 \u0336 \u0434\u0438\u0447, \u0416\u0435\u043d\u044f, \u0447\u0442\u043e \u0442\u044b \u0434\u0435\u043b\u0430\u0435\u0448\u044c? \u041f\u0440\u0435\u043a\u0440\u0430\u0442\u0438! \u0423 \u0442\u0435\u0431\u044f \u0447\u0442\u043e \u043e\u0444\u0438\u0441 \u0336  \u0336\u0435\u0336\u0431\u0336\u0430\u0336\u043d\u0336\u0438\u0336\u043d\u0336\u0430\u0336  \u0442\u0430\u043a \u0441\u0435\u0431\u0435, \u0447\u0442\u043e \u0442\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0432 \u0442\u0443\u0436\u0435 \u0441\u0442\u043e\u0440\u043e\u043d\u0443 (\u0431\u0430\u0433\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0430\u0442\u0447\u0438\u043b\u0438 \u0430\u0436 \u043f\u043e\u043b\u0433\u043e\u0434\u0430!)\n[Web] https://www.computerra.ru/241038/kaspersky-free/\n[Web] https://habr.com/ru/news/t/463893/\n\n\u0413\u043e\u0434 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a IBM \u043a\u0443\u043f\u0438\u043b\u0430 RedHat, \u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0442\u0447\u0435\u0442\u044b\n[Web] https://servernews.ru/995767\n\n\u041d\u0430 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043b\u0435\u043a\u0446\u0438\u0439 \u0432 \u0412\u0423\u0417\u0435, \u0433\u0434\u0435 \u044f \u0447\u0438\u0442\u0430\u043b, \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u043b \u043e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0445 \u0437\u0430\u043a\u043b\u0430\u0434\u043a\u0430\u0445 (backdoor), \u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0434\u0443\u043c\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u043d\u0438 \u0432 \u0441\u043e\u0444\u0442\u0435, \u0430 \u043e\u043d\u0438 \u0435\u0441\u0442\u044c \u0438 \u0432 \u0436\u0435\u043b\u0435\u0437\u0435 \u2013 \u043a\u0435\u0439\u0441 \u0441 \u0413\u0430\u0437\u041f\u0440\u043e\u043c\u043e\u043c \u0438 Cisco\n[Web] https://www.rbc.ru/business/15/10/2019/5da5f1e19a7947cfb127bdfd?from=from_main\n[Web] https://habr.com/ru/news/t/471398/", "creation_timestamp": "2019-10-22T09:58:20.000000Z"}, {"uuid": "81b4ee48-6034-4623-a8e2-211836861ac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "published-proof-of-concept", "source": "https://t.me/Celestial_Pulse24/9015", "content": "TCM - Linux Privilege Escalation for Beginners2024\n\nLanguage : English\n\nsize : 1.4 GB\n\nWhat will I learn?\n\n\u26201) How to enumerate Linux systems manually and with tools\n\n\u26202) A multitude of privilege escalation techniques, including:\n\nKernel Exploits\nPassword Hunting\nFile Permissions\nSudo Attacks\nShell Escaping\nIntended Functionality\nLD_PRELOAD\nCVE-2019-14287\nCVE-2019-18634\nSUID Attacks\nShared Object Injection\nBinary Symlinks\nEnvironment Variables\nCapabilities Attacks\nScheduled Tasks\nNFS\nDocker\n\u26203) Tons of hands-on experience, including:\n\n11 vulnerable machines total\nCapstone challenge\nCustom lab with no installation required\n\n\u2620Download link\n\nhttps://mega.nz/file/tXNTALAJ#sHd67ibXDCNctt_5ElBMUfe79AYt7VQEEIibzOuj2UY", "creation_timestamp": "2024-09-11T09:54:54.000000Z"}, {"uuid": "ff7c12fa-3375-4922-8381-cab281e30989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/InfiniteSecrets/441", "content": "TCM - Linux Privilege Escalation for Beginners2024\n\nLanguage : English\n\nsize : 1.4 GB\n\nWhat will I learn?\n\n\u26201) How to enumerate Linux systems manually and with tools\n\n\u26202) A multitude of privilege escalation techniques, including:\n\nKernel Exploits\nPassword Hunting\nFile Permissions\nSudo Attacks\nShell Escaping\nIntended Functionality\nLD_PRELOAD\nCVE-2019-14287\nCVE-2019-18634\nSUID Attacks\nShared Object Injection\nBinary Symlinks\nEnvironment Variables\nCapabilities Attacks\nScheduled Tasks\nNFS\nDocker\n\u26203) Tons of hands-on experience, including:\n\n11 vulnerable machines total\nCapstone challenge\nCustom lab with no installation required\n\nPrice - 10$", "creation_timestamp": "2024-09-01T21:03:52.000000Z"}, {"uuid": "e48f898c-45b2-4cec-8307-62af6158cc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/ctinow/164378", "content": "https://ift.tt/jC9Fi1J\nCVE-2019-14287 | sudo up to 1.8.27 Runas Restriction input validation", "creation_timestamp": "2024-01-08T15:16:36.000000Z"}, {"uuid": "f87c2ee4-3dd1-4ea7-8170-1211c69b0385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/1220", "content": "A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo\n\nSome of the checks/functionalities that are performed by the tool.\n - Misconfigurations\n - Dangerous Binaries\n - Vulnerable versions of sudo - CVEs (NEW - CVE-2019-14287)\n - Dangerous Environment Variables\n - Credential Harvesting\n - Writable directories where scripts reside\n - Binaries that might be replaced\n - Identify missing scripts\n\nhttps://github.com/TH3xACE/SUDO_KILLER\n+ \n\u041f\u0440\u0438\u043c\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f\nhttps://www.youtube.com/playlist?list=PLQPKPAuCA40FMpMKWZLxQydLe7rPL5bml", "creation_timestamp": "2019-11-24T23:20:05.000000Z"}, {"uuid": "1ee180af-c995-4fad-ab08-a2d0dad3b9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/SellBooksOnline/552", "content": "TCM - Linux Privilege Escalation for Beginners2024\n\nLanguage : English\n\nsize : 1.4 GB\n\nWhat will I learn?\n\n\u26201) How to enumerate Linux systems manually and with tools\n\n\u26202) A multitude of privilege escalation techniques, including:\n\nKernel Exploits\nPassword Hunting\nFile Permissions\nSudo Attacks\nShell Escaping\nIntended Functionality\nLD_PRELOAD\nCVE-2019-14287\nCVE-2019-18634\nSUID Attacks\nShared Object Injection\nBinary Symlinks\nEnvironment Variables\nCapabilities Attacks\nScheduled Tasks\nNFS\nDocker\n\u26203) Tons of hands-on experience, including:\n\n11 vulnerable machines total\nCapstone challenge\nCustom lab with no installation required\n\nPrice - 10$", "creation_timestamp": "2024-09-01T21:03:52.000000Z"}, {"uuid": "33aadf47-490b-4402-956a-c9ea713f3cb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "published-proof-of-concept", "source": "https://t.me/RdpFreeVpsFree/10715", "content": "TCM - Linux Privilege Escalation for Beginners2024\n\nLanguage : English\n\nsize : 1.4 GB\n\nWhat will I learn?\n\n\u26201) How to enumerate Linux systems manually and with tools\n\n\u26202) A multitude of privilege escalation techniques, including:\n\nKernel Exploits\nPassword Hunting\nFile Permissions\nSudo Attacks\nShell Escaping\nIntended Functionality\nLD_PRELOAD\nCVE-2019-14287\nCVE-2019-18634\nSUID Attacks\nShared Object Injection\nBinary Symlinks\nEnvironment Variables\nCapabilities Attacks\nScheduled Tasks\nNFS\nDocker\n\u26203) Tons of hands-on experience, including:\n\n11 vulnerable machines total\nCapstone challenge\nCustom lab with no installation required\n\n\u2620Download link\n\nhttps://mega.nz/file/tXNTALAJ#sHd67ibXDCNctt_5ElBMUfe79AYt7VQEEIibzOuj2U\n\nChannel : @freee_Hacking_courses", "creation_timestamp": "2024-08-29T22:03:14.000000Z"}, {"uuid": "3ba334b7-473e-4c57-9d78-89bff610aae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "Telegram/ivSNinLPwJ6UGYXiWcgJz3FJ5II37XnHwwsMtinTUrKx0Q", "content": "", "creation_timestamp": "2020-06-09T20:09:17.000000Z"}, {"uuid": "07edce95-f244-4ef6-bc71-626ab7b10dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/information_security_channel/32934", "content": "SUDO Security Policy Bypass Vulnerability \u2013 CVE-2019-14287\nhttps://www.hackingarticles.in/sudo-security-policy-bypass-vulnerability-cve-2019-14287/\n\nAfter the detection of a major security vulnerability, Official released an immediate security fix to the \u2018 sudo \u2018 kit in the Ubuntu repositories. If you are not aware of sudo right\u2019s power then read this post \u201cLinux Privilege Escalation using Sudo Rights\u201d that help you to understand more above \u201cCVE-2019-14287\u201d the latest vulnerability which... Continue reading \u2192\nThe post SUDO Security Policy Bypass Vulnerability \u2013 CVE-2019-14287 (https://www.hackingarticles.in/sudo-security-policy-bypass-vulnerability-cve-2019-14287/) appeared first on Hacking Articles (https://www.hackingarticles.in/).", "creation_timestamp": "2019-11-25T09:46:02.000000Z"}, {"uuid": "1383fe10-7c18-4a86-948c-313472e305d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/canyoupwnme/6044", "content": "Sudo: CVE-2019-14287\nhttps://www.openwall.com/lists/oss-security/2019/10/14/1", "creation_timestamp": "2019-10-15T09:18:25.000000Z"}, {"uuid": "8a6c0bd8-6463-4c46-9fbe-e759dc8cb091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "exploited", "source": "https://t.me/thehackernews/498", "content": "\ud83d\udd25 CVE-2019-14287\n\nA flaw in Sudo\u2014that comes installed on almost every Linux OS\u2014could let users run commands as \"root\" even when they're restricted.\n\nDetails \u27a4 https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html\n\nHow? Just by specifying user ID \"-1\" or \"4294967295\" in the command instead of the root.", "creation_timestamp": "2019-10-14T20:34:27.000000Z"}, {"uuid": "892f8389-0cdc-4234-a01d-e14deab52137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/canyoupwnme/6060", "content": "How to detect CVE-2019-14287 using Falco\nhttps://sysdig.com/blog/detecting-cve-2019-14287/", "creation_timestamp": "2019-10-16T23:00:00.000000Z"}, {"uuid": "56238f65-9366-40c4-8429-e12ee51378f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14287", "type": "seen", "source": "https://t.me/SecLabNews/5985", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Apple \u0414\u0436\u043e \u0412\u0435\u043d\u043d\u0438\u043a\u0441 (Joe Vennix) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2019-14287) \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 sudo \u0432 Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u041a \u0441\u0447\u0430\u0441\u0442\u044c\u044e, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e Linux-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.    \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 sudo \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0430 Linux-\u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f", "creation_timestamp": "2019-10-15T08:28:13.000000Z"}]}