Stack overflow

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server OFS TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file...

CVE-2014-0774 Schneider Electric OFS Stack Buffer Overflow

Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server OFS TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file...

Cisco Adaptive Security Appliance Phone Proxy sec_db Race Condition Vulnerability

A vulnerability in the TFTP request function of the Phone Proxy feature of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to pass traffic from an untrusted phone through the ASA. The vulnerability is due to a limitation in processing the TFTP request for...

MGASA-2014-0058 Updated augeas package fixes security vulnerabilities

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...

Design/Logic Flaw

Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csiaconfig.xml, which allows local users to change CSI Agent configuration by modifying this file...

CVE-2013-5364

Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csiaconfig.xml, which allows local users to change CSI Agent configuration by modifying this file...

Updated cups packages fix a security vulverability

Updated cups packages fix security vulnerability: Jann Horn discovered that the CUPS lppasswd tool incorrectly read a user configuration file in certain configurations. A local attacker could use this to read sensitive information from certain files, bypassing access restrictions CVE-2013-6891...

PHPJabbers Appointment Scheduler 2.0多个漏洞

No description provided by source. Appointment Scheduler V2.0 - Multiple Vulnerabilities ========================================================================= .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...

MySQL debian.cnf Plaintext Credential Disclosure

The version of MySQL installed on the remote host is 5.5.x prior to 5.5.33. It is, therefore, potentially affected by a race condition in the post-installation script of the MySQL server package mysql-server-5.5.postinst that creates the configuration file '/etc/mysql/debian.cnf' with...

Atmail 6 /config/dbconfig.ini 信息泄露漏洞

No description provided by source...

BlogEngine.net information disclosure vulnerability

Overview BlogEngine.net 2.8.0.0 and earlier versions contain an information disclosure vulnerability which could allow an attacker to gain access to credentials. Description CWE-200: Information ExposureBlogEngine.net 2.8.0.0 and earlier contain an information disclosure vulnerability which could...

Authentication flaw

Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme, which has unspecified impact and attack vectors...

PT-2013-6046 · Red Hat · Candlepin +1

Name of the Vulnerable Software and Affected Versions: Red Hat Subscription Asset Manager versions 1.0 through 1.3 Description: The issue concerns a weak authentication scheme used by Candlepin in Red Hat Subscription Asset Manager when the configuration file does not specify a scheme. This has a...

discuz!某自带工具可拿shell

简要描述： discuz!某自带工具，由于使用不当，可以造成webshell。 而且经过调查，使用者数量较大。 详细说明： discuz! 安装包中会自带一个转换工具 convert 这个工具由于存在安全问题，可以拿shell 一般存在网站目录 convert 或 utility/convert 而且经过调查，使用数量还是很大的。 使用前题是data目录可写，这也是这个工具的使用前题。 分析： 文件： utility\convert\include\doconfig.inc.php 中 保存配置，跟踪到saveconfigfile...

Scientific Linux Security Update : luci on SL6.x i386/x86_64 (20131121)

A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user. CVE-2013-4482 A flaw was found in the way luci...

CVE-2012-6150

The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by...

CVE-2012-6150

The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by...

CVE-2013-5463

The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 allows remote attackers to bypass intended access restrictions by injecting a 1 DLL or 2 configuration file...

Design/Logic Flaw

The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 allows remote attackers to bypass intended access restrictions by injecting a 1 DLL or 2 configuration file...

CVE-2013-5463

The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 allows remote attackers to bypass intended access restrictions by injecting a 1 DLL or 2 configuration file...