2494 matches found
CVE-2000-0780
The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. dot dot attack...
Oatmeal Studios Mail File 1.10 - Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/1807/info OatMeal studios' Mail-File is a cgi application that allows for sending of certain files to user-specified email addresses via a web interface. A vulnerability exists in this script that can be used to send the contents of any readable...
Дыра в Quake 3 Arena
Со стороны сервера можно прочитать/записать любой файл на клиентской машине используя обратный путь в директориях...
AT Computing atsar_linux 1.4 - File Manipulation
AT Computing atsarlinux 1.4 - File Manipulation source: https://www.securityfocus.com/bid/1048/info atsar is a linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains...
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - buildxconfig source: https://www.securityfocus.com/bid/1007/info Several vulnerabilities exist in the buildxconfig program, as included with Corel Linux 1.0. Using this program, it is likely that a local user could elevate privileges. By failing to check input to the -f and -...
CVE-1999-0061
File creation and deletion, and remote execution, in the BSD line printer daemon lpd...
CVE-1999-0127
swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access...
unixware7.uidadmin.txt
Greetings, OVERVIEW SCO UnixWare 7.1's sgid-sys /usr/bin/uidadmin will allow any user to gain root privileges as a result of it's ability to write ANY file, not just those traditionally writable by gid-sys. BACKGROUND All of my testing was done on UnixWare 7.1, no other versions have been tested...
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities
// source: https://www.securityfocus.com/bid/770/info There are several CGI programs that ship with the Alibaba webserver. Many of these do not do proper input handling, and therefore will allow requests for access to files outside of normal or safe webserver practice. This results in various...
CVE-1999-0019
Delete or create a file via rpc.statd, due to invalid information...
ie5_vulnerabilities.txt
Subject: IE 5.0 security vulnerabilities - ImportExportFavorites - at least creating and overwriting files, probably executing programs To: [email protected] Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer...
tmp-advisory.txt
L0pht Security Tool and miniAdvisory Advisory released Jan 8 1999 Application: A tool designed to monitor directory activity, copy transient files based upon regular expression matching, syslog upon seeing links created, etc. etc. Severity: Just about every OS out there is replete with programs...
CVE-1999-1480
1 acledit and 2 aclput in AIX 4.3 allow local users to create or modify files via a symlink attack...
CVE-1999-0061
File creation and deletion, and remote execution, in the BSD line printer daemon lpd...