CVE-2011-1943

CVE-2011-1943 affects NetworkManager 0.8.999-3.git20110526 in Fedora 15, where the destroy_one_secret function in nm-setting-vpn.c (libnm-util) logs a certificate password. The log entry can be read by local users, allowing disclosure of sensitive information. Impact is limited to confidentiality...

Fedora Update for fail2ban FEDORA-2011-5151

Check for the Version of fail2ban OpenVAS Vulnerability Test Fedora Update for fail2ban FEDORA-2011-5151 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Code injection

The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...

CVE-2011-0012

The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...

[SECURITY] Fedora 14 Update: logrotate-3.7.9-2.fc14

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...

spice-xpi: symlink attack on usbrdrctl log file

The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...

Red Hat Enterprise Linux logrotate任意执行命令及信息泄露漏洞

CVE ID: CVE-2011-1155,CVE-2011-1154,CVE-2011-1098 logrotate程序可简化多个日志文件的管理，允许日志文件的自动循环、压缩、删除和 邮寄。 logrotate处理shred指令时存在shell命令注入漏洞，特制日志文件可造成logrotate 以运行logrotate默认root的用户权限执行任意命令。注意：默认没有启用shred指令。 logrotate在创建新日志文件时应用权限的方式中存在竞争条件漏洞，在一些特定配置 中，本地攻击者可利用此漏洞在logrotate应用最终权限之前打开新的日志文件，可导 致泄露敏感信息。...

[SECURITY] Fedora 15 Update: logrotate-3.7.9-8.fc15

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...

Rails 3.0.5 Log File Injection Proof Of Concept

Encoding: UTF-8 Log-File-Injection - Ruby on Rails 3.05 possibilities: - possible date back attacks tried with request-log-analyzer: worked but teasercheckwarnings - ip spoofing - binary log-injections - DOS if ip is used with an iptables-ban-script !! works only on intranet apps !! Fix: validate...

logwatch: Privilege escalation due improper sanitization of special characters in log file names

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server...

vTiger CRM 5.0.4 - Local File Inclusion

!/usr/bin/python INFORMATION: Exploit Title: Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit Google Dork: "The honest Open Source CRM" "vtiger CRM 5.0.4" Date: 5/3/2011 CVE: CVE-2009-3249 Windows link: http://bit.ly/fiOYCL Linux link: http://bit.ly/hluzLf Tested on: Windows XP/Linux Ubuntu...

CVE-2011-1018

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server...

CVE-2011-1018

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server...

SigPlus Pro ActiveX Control < 4.29 Multiple Vulnerabilities

The SigPlus Pro ActiveX control, used for electronic signature integration with Topaz signature pads and installed on the remote Windows host, is earlier than 4.29. Such versions reportedly are affected by the following vulnerabilities : - The 'SetLogFilePath' method allows creation of a log file...

DEBIAN-CVE-2011-0017

The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...

CVE-2011-0017

The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...

syslog-ng wrong file permission vulnerability

========================================================================== syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE = Information leak, access prevention and possible priviledge escalation CVE-2011-0343 ========================================================================== 1. OVERVIEW Versions...

Design/Logic Flaw

The Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading this file...

Axigen Webmail 7.4.1 Directory Traversal

We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this blog post, we will look into the details of a very serious web vulnerability discovered by Acunetix WVS in Axigen. "Axigen is an integrat...

CVE-2010-3319

IBM Records Manager RM 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file...