67 matches found
UBUNTU-CVE-2013-0347
The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file...
Kernel: crypto: algif - suppress sending source address information in recvmsg
The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...
DEBIAN-CVE-2007-3024
libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cligentempstream function in clamd/clamdscan, which might allow local users to read sensitive files...
Exim 4.41 - 'dns_build_reverse' Local Read Emails
/ ripped straight off iDEFENSE advisory - so lazy I just picked up GDB... bored on a weeknight : nothing to write home to mother about due to the fact that you need a local user account on a server and all you get is to read other people's emails .... not even my own shellcode. aleph1 shellcode -...
Exim 4.41 - dns_build_reverse Local Read Emails
Exim 4.41 - dnsbuildreverse Local Read Emails / ripped straight off iDEFENSE advisory - so lazy I just picked up GDB... bored on a weeknight : nothing to write home to mother about due to the fact that you need a local user account on a server and all you get is to read other people's emails...
security flaw
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O archive or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files...
security flaw
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources...