1641 matches found
IBM AIX cfgmgr工具本地权限提升及任意文件覆盖漏洞
IBM AIX是一款商业性质的UNIX操作系统。 AIX的cfgmgr工具的实现上存在缓冲区漏洞,本地攻击者可能利用此漏洞提升权限或导致文件覆盖。 如果system组的用户提交了大于长度2K的目录路径字符串做为参数的话,就会触发这个漏洞,导致覆盖任意系统文件或以root用户权限执行任意指令。 IBM AIX 5.3 IBM AIX 5.2 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: ftp://aix.software.ibm.com/aix/efixes/security/cfgmgrifix.tar.Z...
Mac OS X DS_Store Arbitrary File Overwrite Exploit
No description provided by source. !/usr/bin/perl OSX Finder DSStore arbitrary file overwrite exploit. root version vade79 - [email protected] fakehalo/realhalo this will create a directory called "xfinder" in your home directory, once the root user has modified that directory using Finder in almost...
IBM AIX utilities multiple security vulnerabilities
Xclock buffer overflow; utape, cfgmgr, rdist, uucp, snappd, named8 and mkvg privilege escalation; slip.login and Inventory Scout arbitrary file overwrite...
[SA22062] IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability
TITLE: IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability SECUNIA ADVISORY ID: SA22062 VERIFY ADVISORY: http://secunia.com/advisories/22062/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: Local system OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ DESCRIPTION: ...
RadScripts - a_editpage.php?Filename Arbitrary File Overwrite
RadScripts - aeditpage.php?Filename Arbitrary File Overwrite source: https://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts...
RadScripts - 'a_editpage.php?Filename' Arbitrary File Overwrite
source: https://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote attacker...
CVE-2006-3593
The command line interface CLI in Cisco Unified CallManager CUCM 5.01 through 5.03a allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704...
Secure Elements Class 5 AVR server fails to properly validate pathnames when downloading updates
Overview The Secure Elements Class 5 AVR server fails to properly validate pathnames when downloading updates. This may allow an attacker to overwrite arbitrary files on the server system. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security produc...
CVE-2006-1440
BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links...
CVE-2006-1440
The CVE-2006-1440 entry affects Apple Mac OS X, specifically versions 10.3.9 and 10.4.6. The vulnerability arises from a BOM-related issue where an archive containing symbolic links can lead attackers to overwrite arbitrary files. The connected documents corroborate the same description, reinforc...
DEBIAN-CVE-2006-1753
A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file...
[SA19656] IBM AIX rm_mlcache_file Arbitrary File Overwrite
TITLE: IBM AIX rmmlcachefile Arbitrary File Overwrite SECUNIA ADVISORY ID: SA19656 VERIFY ADVISORY: http://secunia.com/advisories/19656/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: Local system OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ DESCRIPTION: A vulnerability...
CVE-2006-0950
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...
CVE-2006-0950
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...
DEBIAN-CVE-2005-3885
The ps2epsi extension shell script ps2epsi.sh in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file...
Acme thttpd < 2.24 CGI Test Script Symlink Arbitrary File Overwrite
Binary data 3282.prm...
security flaw
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...
HylaFAX < 4.2.2 RC1 xferfaxstats Symlink Arbitrary File Overwrite
Binary data 3236.prm...
CVE-2005-2944
The performfilesave function in GNOME Workstation Command Center gwcc 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwccout.txt temporary file...
iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability
Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability iDEFENSE Security Advisory 08.29.05 www.idefense.com/application/poi/display?id=297&type=vulnerabilities August 29, 2005 I. BACKGROUND Adobe Version Cue is a software version tracking system for Adobe products distributed with Adob...