CVE-2004-0881

Removed by vendor...

Fedora Core 1 : rsync-2.5.7-5.fc1 (2004-116)

Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to write files outside of the module's 'path', depending on the privileges assigned to the rsync daemon. Users not running an rsync daemon, running a...

DEBIAN-CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

Multiple vulnerabilities in xine

Background xine is a multimedia player allowing to play back CDs, DVDs, and VCDs and decoding multimedia files like AVI, MOV, WMV, and MP3 from local disk drives, and displays multimedia streamed over the Internet. It is available in Gentoo as a reusable library xine-lib with a standard user...

hpjadmadv.txt

Product: HP Web JetAdmin Version 7.5.2546 Others that use this codebase assumed vulnerable Note: Only tested on the Windows Platform. Vulnerability: Denial of Service, Upload Any file to the filesystem to a known location, Write to any file on the file system, Read any file from the filesystem...

smbprintsymlink.txt

Product: Samba 'smbprint' script. http://www.samba.org Versions: All versions, but manifesting in different ways. Bug: Symlink bug / tmpfile bug. Impact: Attacker's can write to arbitrary files, and in theory, elevate privileges unlikely Risk: LOW Date: March 19, 2004 Author: Shaun Colley Email:...

Gast Arbeiter Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - ------------------------------------------------------------ NATOK security labs natok at hush.com October 20st, 2003 Privilege Escalation - - - ------------------------------------------------------------ - - - Overview Software : Gast Arbeiter...

GuppY 2.4 - Remote File Access

source: https://www.securityfocus.com/bid/8769/info GuppY is prone to an issue that could allow a remote attacker to read or write to files on the vulnerable server. This issue presents itself in the tinymsg.php component of the software. The attacker could only access files to which the webserve...

IBM DB2 privilege escalation

db2job allows to write any file...

CVE-2003-0284

Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus...

Apache 2.0.x < 2.0.45 Multiple Vulnerabilities (DoS, File Write)

The remote host is running a version of Apache 2.0.x that is prior to 2.0.45. It is, therefore, reportedly affected by multiple vulnerabilities : - There is a denial of service attack that could allow an attacker to disable this server remotely. - The httpd process leaks file descriptors to child...

CVE-2002-0631

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges...

CVE-2002-0631

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges...

GnoRPM local /tmp vulnerability

While fixing other problems with the gnorpm package a locally exploitable security hole was found where a normal user could trick root running GnoRPM into writing to arbitary files due to a bug in the gnorpm tmp file handling. A new release of GnoRPM 0.95.1 is now available. This fixes significan...

Дырка в cvsweb

Атакующий, имеющий права на запись файлов может выполнить приложения...

ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed

ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed Apache::ASP http://www.nodeworks.com/asp/ had a security hole in its ./site/eg/source.asp distribution examples file, allowing a malicious hacker to potentially write to files in the directory local to the source.asp example script. The next versio...

Уязвимость файловой системы в AIX

При некоторых условиях пользователь может записать файл, даже не имея на это разрешений...

CVE-1999-0803

The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack...

CVE-1999-0322

The open function in FreeBSD allows local attackers to write to arbitrary files...