CVE-2005-1705

gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb...

cdrdao privilege escalation

root privileges are not dropped before writing configuration file...

CVE-2003-1140

Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file...

CVE-2003-1140

CVE-2003-1140 describes a buffer overflow in Musicqueue 1.2.0 that allows local users to execute arbitrary code via a long language variable in the configuration file. The provided documents specify the affected product/version and the activation vector as local/ configuration-based overflow, but...

CVE-2005-0194

Squid 2.5, when processing the configuration file, parses empty Access Control Lists ACLs, including proxyauth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warning...

CVE-2005-0440

ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL...

CVE-2000-1220

The line printer daemon lpd in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file...

BakBone NetVault 6.x/7.x - Local Stack Buffer Overflow

/ for more informations class101.org/netv-locsbof.pdf / include include ifdef WIN32 include "winsock2.h" pragma commentlib, "ws232" else include include include include include include include include include include endif char scode1= /add u:class101 p:class101 Administrators users/...

CVE-2002-1635

The CVE-2002-1635 entry concerns Oracle 9i Application Server (9iAS) where the Apache httpd.conf uses a Location alias for /perl instead of a ScriptAlias. This misconfiguration enables a remote attacker to read the source code of arbitrary CGI files via a URL that targets /perl rather than /cgi-b...

CVE-2002-1635

The Apache configuration file httpd.conf in Oracle 9i Application Server 9iAS uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin...

CVE-2005-0624

CVE-2005-0624 affects reportbug before 2.62; .reportbugrc is created with world‑readable permissions, allowing local users to obtain email smarthost passwords. Impact: partial confidentiality; exploit requires local access. NVD metrics show LOW severity (AV:L, AC:L, AU:N). The provided documents ...

CVE-2004-1031

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user,...

USN-88-1: reportbug information disclosure

Rolf Leggewie discovered two information disclosure bugs in reportbug. The per-user configuration file /.reportbugrc was created world-readable. If it contained email smarthost passwords, these were readable by any other user on the computer storing the home directory. reportbug usually includes...

CVE-2005-0624

reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...

gigafast.txt

This router is/was widely sold in CompUSA stores. It is a Gigafast router, re-branded as a CompUSA router. All firmware versions are affected. When reported to the manufacturer on 5/13/04, I had received a response stating that the information would be passed on to firmware developer. Almost a ye...

CVE-2004-1504

The displaycontent function in config.php for Just Another Flat file JAF CMS 3.0RC allows remote attackers to gain sensitive information via a blank show parameter, which reveals the installation path in an error message, as demonstrated using index.php...

ELOG Web Logbook < 2.5.7 Multiple Remote Vulnerabilities (OF, Traversal)

The remote host is running ELOG Web Logbook, a free webinterface logbook. According to its banner, the version of ELOG Web Logbook installed on the remote host contains a buffer overflow that can be triggered when handing attachment with names longer than 256 characters to execute code on the...

CVE-2005-0440

CVE-2005-0440 affects ELOG Web Logbook prior to 2.5.7. An unauthenticated attacker can craft a modified URL to bypass authentication and retrieve a configuration file that contains a sensitive write password. Affected component: ELOG Web Logbook (server-side). Impact: partial confidentiality of t...

CVE-2004-1474

This CVE pertains to Symantec Enterprise Firewall/VPN Appliances (models 100, 200, 200R) with firmware before 1.63 and Gateway Security appliances (320, 360, 360R) with firmware before 622. The underlying issue is a default read/write SNMP community string, which lets an unauthenticated remote at...

CVE-2005-0194

Squid 2.5, when processing the configuration file, parses empty Access Control Lists ACLs, including proxyauth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warning...