Lucene search
K

229 matches found

securityvulns
securityvulns
added 2009/07/05 12:0 a.m.33 views

xscreensaver local arbitrary file disclosure | symlink attack

xscreensaver local arbitrary file disclosure | symlink attack The "xscreensaver" program distributed normally with Xorg can be abused to disclose local files owned by other users also of the root account. Xscreensaver has the setuid bit on by default Example: Opensolaris The xscreensaver program...

2.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/12/09 12:30 a.m.20 views

CVE-2008-5397

Tor before 0.2.0.32 does not properly process the 1 User and 2 Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process...

7.2CVSS5.9AI score0.00357EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2008/10/03 5:41 p.m.29 views

CVE-2008-4360

moduserdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a...

7.5CVSS5.9AI score0.04345EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2008/05/20 2:28 p.m.32 views

Low: Red Hat Security Advisory: dovecot security and bug fix update

An updated dovecot package that fixes several security issues and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. Dovecot is an IMAP server for Linux and UNIX-like systems, primarily...

6.8CVSS5.8AI score0.02123EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2007/08/21 12:0 a.m.35 views

GLSA-200708-13 : BIND: Weak random number generation

The remote host is affected by the vulnerability described in GLSA-200708-13 BIND: Weak random number generation Amit Klein from Trusteer reported that the random number generator of ISC BIND leads, half the time, to predictable 1 chance to 8 query IDs in the resolver routine or in zone transfer...

5.8CVSS6.6AI score0.1309EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/06/16 12:0 a.m.33 views

GLSA-200606-09 : SpamAssassin: Execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200606-09 SpamAssassin: Execution of arbitrary code When spamd is run with both the '--vpopmail' -v and '--paranoid' -P options, it is vulnerable to an unspecified issue. Impact : With certain configuration options, a local or eve...

5.1CVSS6.1AI score0.74703EPSS
Exploits12References2
Gentoo Linux
Gentoo Linux
added 2006/06/11 12:0 a.m.27 views

SpamAssassin: Execution of arbitrary code

Background SpamAssassin is an extensible email filter used to identify junk email. spamd is the daemonized version of SpamAssassin. Description When spamd is run with both the "--vpopmail" -v and "--paranoid" -P options, it is vulnerable to an unspecified issue. Impact With certain configuration...

5.1CVSS7AI score0.74703EPSS
Exploits12
myhack58
myhack58
added 2005/12/04 12:0 a.m.14 views

Iris network Sniffer used with skill-the loophole warning-the black bar safety net

| The following part of the translation from iris comes with the Help file 1. 【Iris】 A good performance of the Sniffer. Sniffer English is Sniff, which is mounted in a computer and listening devices, monitored by computer data. 2. 【Iris installation position】 As a Sniffer, it can only be captured...

0.1AI score
Exploits0
FreeBSD
FreeBSD
added 2004/11/25 12:0 a.m.32 views

viewcvs -- information leakage

The hidecvsroot and forbidden configuration options are not properly honored by viewcvs when exporting to a tar file which can lead to information leakage...

5CVSS6.4AI score0.01294EPSS
Exploits0
Rows per page
Query Builder