1404 matches found
CVE-2007-6328
DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating system via the mount command. NOTE: the researcher reports a vendor response stating that this is not a security problem...
Filesystem access in DOSBox 0.72
Luigi Auriemma Application: DOSBox http://dosbox.sourceforge.net Versions: = 0.72 and current CVS Platforms: Windows, Linux, BSD and Mac Bug: access to the filesystem Exploitation: local Date: 10 Dec 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 T...
CVE-2007-4263
Unspecified vulnerability in the server side of the Secure Copy SCP implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors...
Oracle 9i10g - utl_file FileSystem Access
Oracle 9i10g - utlfile FileSystem Access -- -- $Id: raptororafile.sql,v 1.1 2006/12/19 14:21:00 raptor Exp $ -- -- raptororafile.sql - file system access suite for oracle -- Copyright c 2006 Marco Ivaldi -- -- This is an example file system access suite for Oracle based on the utlfile -- package...
[SBDA] SiteKiosk - FileSystem Access
Still time before Christmas. ======================================================================== = SiteKiosk - FileSystem Access = = Vendor Website: = http://www.sitekiosk.com/ = = Affected Software: = SiteKiosk 6.5.150 = = Public disclosure on Tuesday December 12, 2006...
CVE-2006-5862
Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized NAV before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors...
Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass source: https://www.securityfocus.com/bid/17742/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied...
WebLogic Server / WebLogic Express multiple security vulnerabilities
DoS, local filesystem access...
webadmin.php LFI Vulnerability - Active Check
webadmin.php is prone to a local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-823-1 : util-linux - privilege escalation
David Watson discovered a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
DSA-823-1 util-linux - privilege escalation
Bulletin has no description...
webadmin.php show Parameter Arbitrary File Access
webadmin.php was found on your web server. In its current configuration, this file manager CGI gives access to the whole filesystem of the machine to anybody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid18586;...
CVE-2004-2073
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command...
CVE-2004-1795
Technical details about CVE-2004-1795 are not publicly available in the provided connected documents. Monitor for updates.
PHP4 cURL functions bypass open_basedir
==================================================== Subject: PHP4 cURL functions bypass openbasedir Author: frame at kernelpanik.org Product: PHP4 compile with cURL not tested in PHP5 Vendor: PHP/Zend Vendor URL: www.php.net Tipe: Local Risk: Low/Medium...
GLSA-200408-09 : Roundup: Filesystem access vulnerability
The remote host is affected by the vulnerability described in GLSA-200408-09 Roundup: Filesystem access vulnerability Improper handling of a specially crafted URL allows access to the server's filesystem, which could contain sensitive information. Impact : An attacker could view files owned by th...
Platinum FTP server Multiple Vulnerabilities
Binary data 1825.prm...
Roundup: Filesystem access vulnerability
Background Roundup is a simple to use issue-tracking system with command-line, web, and e-mail interfaces. Description Improper handling of a specially crafted URL allows access to the server's filesystem, which could contain sensitive information. Impact An attacker could view files owned by the...
IRM Security Advisory 9
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IRM Security Advisory No. 009 RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities Vulnerablity Type / Importance: Network Subversion, Open Proxy, Brute-For...
roundUP.txt
Vickenty Fesunov 2004-05-27 04:51 random filesystem access Roundup uses /home/@@file/ prefix to get static files from the filesystem. It does not restrict in any way the files that are handled. I have a roundup tracker home at /home/kent/cit, then I do the following: kent@kent:$ nc localhost 8080...