openSUSE Security Update : sudo (openSUSE-2017-636)

This update for sudo fixes the following issues : CVE-2017-1000367 : - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...

CVE-2017-9034

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates...

CVE-2017-9034

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates...

Trend Micro ServerProtect for Linux Arbitrary File Write Vulnerability

Trend Micro ServerProtect for Linux is a Trend Micro Trend Micro company for Linux in the virus before reaching the end-user to be blocked to prevent the expansion of the entire network of antivirus software. A security vulnerability exists in Trend Micro ServerProtect for Linux version 3.0. The...

Kodi Directory Traversal Vulnerability

Kodi is an open source media player developed by the XBMC Foundation that supports playback of most videos, music, podcasts, and a variety of common digital media files from local or networked storage devices. A directory traversal vulnerability exists in the 'Zip Extraction built-in' function in...

Arbitrary File Write Vulnerability in HelpEditer.aspx File of MicroXia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. A write shell vulnerability exists in the 'HelpEditer.aspx' file of MicroXia Online Learning Platform. It allows remote attackers to gain server privileges by constructing a malicious data stream to write ...

Directory traversal

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

DEBIAN-CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

UBUNTU-CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

CVE-2017-8314

Kodi 17.1 and earlier are affected by a Directory Traversal in the Zip Extraction built-in function, allowing arbitrary file writes when processing a ZIP subtitle file. The exploitation path involves a specially crafted subtitle ZIP, which can write files to disk with the privileges of the Kodi p...

CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

CVE-2017-8314

Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles...

WGET Vulnerability

The wget library has been found to contain a vulnerability CVE 2016-4971. wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-59677/ CVE...

LVRTC eParakstitajs 3 and edoc-libraries arbitrary file write vulnerability

LVRTC eParakstitajs 3 and edoc-libraries are both products of the Latvian company LVRTC. The former is an electronic signature solution for insurance use; the latter is a file system for specially created and produced EDOC documents. An arbitrary file write vulnerability exists in LVRTC...

Samsung wssyncmlnps Directory Traversal Vulnerability

Samsung wssyncmlnps a software update service in smartphones from the South Korean company Samsung Samsung.Kies restore is one of the system recovery features. A directory traversal vulnerability exists in Kies restore in versions of Samsung wssyncmlnps prior to 2015-10-31. An attacker could...

Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10010 Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...

Remote file inclusion

In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process...