Lucene search
K

3356 matches found

Packet Storm
Packet Storm
added 2001/10/25 12:0 a.m.20 views

webcache.pl

Proof-of-concept exploit for Oracle9iAS Web Cache/2.0.0.1.0 Creates the file c:\defcom.iyd By [email protected] C2001 Since we do not control the space after what ESP points to, I was lazy and did a direct buffer jump. So, if it does not work, try changing the return addressstart of buffer in me...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/10/17 12:0 a.m.77 views

Samba NETBIOS Name Traversal Arbitrary Remote File Creation

The remote Samba server, according to its version number, allows creation of arbitrary remote files. This vulnerability allows an attacker to overwrite arbitrary files by supplying an arbitrarily formed NetBIOS machine name to this server, and to potentially become root on the remote server. An...

10CVSS5.8AI score0.12032EPSS
Exploits1References1
securityvulns
securityvulns
added 2001/10/11 12:0 a.m.40 views

Security Bulletin MS01-051

---------------------------------------------------------------------- Title: Malformed Dotless IP Address Can Cause Web Page to be Handled in Intranet Zone Date: 10 October 2001 Software: Internet Explorer Impact: Three vulnerabilities: - Cause web page to render a web page using inappropriate...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2001/07/17 12:0 a.m.14 views

Slackware 7.07.18.0 - Manual Page Cache File Creation

Slackware 7.07.18.0 - Manual Page Cache File Creation // source: https://www.securityfocus.com/bid/3054/info Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager 'man' for cache files. Due to the behaviour of the...

Exploits0
Exploit DB
Exploit DB
added 2001/07/17 12:0 a.m.19 views

Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation

// source: https://www.securityfocus.com/bid/3054/info Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager 'man' for cache files. Due to the behaviour of the 'man' program, it may be possible for an attacker to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/07/10 12:0 a.m.16 views

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (2)

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation 2 source: https://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2001/07/10 12:0 a.m.10 views

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (1)

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation 1 // source: https://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2001/07/10 12:0 a.m.41 views

Проблема символьных линков в драйвере Samsung ML-85G (symbolic link)

При создании временного файла используется метка времени...

0.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2001/07/10 12:0 a.m.36 views

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (1)

// source: https://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image output files. These files are created in /tmp with a guessable naming...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/07/10 12:0 a.m.27 views

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (2)

source: https://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image output files. These files are created in /tmp with a guessable naming...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/07/06 12:0 a.m.52 views

lmail local root exploit

lmail is vulnerable to an insecure mktemp race which allows a user to overwrite or create a files. Offending code lmail.c: define MAILTMPFILE "/tmp/rmXXXXXX" ... static char tempfname = MAILTMPFILE; ... if fseekstdin, 0L, 0 != 0 mailfile = fopenmktemptempfname, "w+"; ... Patch: s/mktemp/mkstemp/g...

7.5AI score
Exploits0
CERT
CERT
added 2001/07/02 12:0 a.m.42 views

Various shells create temporary files insecurely when using << operator

Overview sh uses /tmp files of a predictable name in creating files for input redirection using the operator. Description When performing the "" redirection, /bin/sh creates a temporary file in /tmp with a name based on the process id, writes subsequent input out to that file, and then closes the...

7.2CVSS6.1AI score0.01415EPSS
Exploits1References3
Debian
Debian
added 2001/06/23 3:8 p.m.17 views

[SECURITY] [DSA-065-1] samba remote file append/creation problem

Package : samba Problem type : remote file append/creation Debian-specific: no Michal Zalewski discovered that samba does not properly validate NetBIOS names from remote machines. By itself that is not a problem, except if Samba is configure to write log-files to a file that includes the NetBIOS...

6AI score
Exploits0
exploitpack
exploitpack
added 2001/06/23 12:0 a.m.13 views

Samba 2.0.x2.2 - Arbitrary File Creation

Samba 2.0.x2.2 - Arbitrary File Creation source: https://www.securityfocus.com/bid/2928/info Samba is a freely available file and printer sharing application maintained and developed by the Samba Development Team. Samba allows file and printer sharing between operating systems on the Unix and...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2001/06/23 12:0 a.m.30 views

Samba 2.0.x/2.2 - Arbitrary File Creation

source: https://www.securityfocus.com/bid/2928/info Samba is a freely available file and printer sharing application maintained and developed by the Samba Development Team. Samba allows file and printer sharing between operating systems on the Unix and Microsoft platforms. A remote local user can...

7.4AI score
Exploits0
NVD
NVD
added 2001/06/18 4:0 a.m.17 views

CVE-2001-0403

/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI...

7.2CVSS6.4AI score0.00683EPSS
Exploits0References2
NVD
NVD
added 2001/06/18 4:0 a.m.15 views

CVE-2001-0265

ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file...

2.1CVSS6.6AI score0.00722EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/04/20 12:0 a.m.22 views

VMware symlink problems

Problem description ---------------------- There is symlink vulnerability in the vmware-mount.pl script which comes with lates VMware. 2. Details ---------- While mounting virtual disk drives using the vmware-mount.pl script, a temporary file named vmware-mount.pl.PID where PID is the current...

1.4AI score
Exploits0
exploitpack
exploitpack
added 2001/04/18 12:0 a.m.10 views

SuSE 7.0 - KFM Insecure .TMP File Creation

SuSE 7.0 - KFM Insecure .TMP File Creation source: https://www.securityfocus.com/bid/2629/info KFM is the KDE File Manager, included with version 1 of the KDE base package in most Linux installations. KFM is designed as a graphical, easily navigated interface to the Linux Filesystem. A problem wi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/04/18 12:0 a.m.24 views

SuSE 7.0 - KFM Insecure &#039;.TMP&#039; File Creation

source: https://www.securityfocus.com/bid/2629/info KFM is the KDE File Manager, included with version 1 of the KDE base package in most Linux installations. KFM is designed as a graphical, easily navigated interface to the Linux Filesystem. A problem with KFM could allow the overwriting of files...

7.4AI score
Exploits0
Rows per page
Query Builder