Lucene search
K

2856 matches found

0day.today
0day.today
added 2011/08/24 12:0 a.m.24 views

Video Merge split Local Buffer Overflow

Exploit for windows platform in category local exploits !/usr/bin/python import sys print "" print " Name:Video Merge split Local Buffer Overflow " print " Author:Angel Injection " print " Home Page:http://dev-point.com/ http://sec-krb.org/ " print " Note:Iam Angel Injection From the country of...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/15 6:46 a.m.4 views

Linux Kernel 3.1 RC2 Released

Linux Kernel 3.1 RC2 Released Linus Torvalds has announced the release of Linux kernel 3.1 rc2. There isn't too much to see and Linus notes that this is a fairly calm release for coming just one week after the close of the Linux 3.1 kernel merge window. As LKML is down at the moment, below is the...

7.1AI score
Exploits0
NVD
NVD
added 2011/03/18 4:55 p.m.27 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.3AI score0.01467EPSS
Exploits0References2
OSV
OSV
added 2011/03/18 4:55 p.m.9 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.2AI score
Exploits0References2
OSV
OSV
added 2011/03/18 4:55 p.m.5 views

DEBIAN-CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.9AI score0.01467EPSS
Exploits0References1
Prion
Prion
added 2011/03/18 4:55 p.m.23 views

Design/Logic Flaw

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.8AI score0.01467EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2011/03/18 4:0 p.m.61 views

CVE-2008-7277

Open Ticket Request System (OTRS) before 2.3.0-beta4 is vulnerable to a merge-operations permission bypass. The authorization logic checks for the rw permission rather than the configured merge permission, potentially allowing remote authenticated users to bypass intended access restrictions when...

6.5CVSS6.5AI score0.01467EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2011/03/18 4:0 p.m.25 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.3AI score0.01467EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2011/03/18 4:0 p.m.27 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.3AI score0.01467EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2011/01/13 12:0 a.m.4 views

Low: Red Hat Enhancement Advisory: subversion enhancement update

Updated subversion packages that upgrade Subversion to upstream version 1.6.11 and provide two enhancements are now available for Red Hat Enterprise Linux 5. Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a...

2.1CVSS7.2AI score0.01525EPSS
Exploits0References1
OSV
OSV
added 2010/10/07 9:0 p.m.3 views

DEBIAN-CVE-2010-1322

The mergeauthdata function in kdcauthdata.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service daemon crash, or possibly obtain sensitive...

6.5CVSS8.3AI score0.0304EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.13 views

MDKA-2007:062 : rpmdrake

The rpmdrake package, which provides the graphical software installation and update tools rpmdrake, drakrpm-edit-media and MandrivaUpdate, included with Mandriva Linux 2007 Spring contains several bugs. These include: When installing software with rpmdrake, if packages are selected for installati...

0.1AI score
Exploits0References1
Prion
Prion
added 2009/03/30 8:30 p.m.18 views

Design/Logic Flaw

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. dot dot sequences that point to a directory containing a file whose name includes shell metacharacters...

7.2CVSS7AI score0.00802EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2009/03/30 8:0 p.m.24 views

CVE-2008-6559

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. dot dot sequences that point to a directory containing a file whose name includes shell metacharacters...

6.5AI score0.00802EPSS
Exploits1References5
CVE
CVE
added 2009/03/30 8:0 p.m.47 views

CVE-2008-6559

The CVE-2008-6559 entry details a local privilege-escalation in ReliantHA 1.1.4 running on SCO UnixWare 7.1.4. The vulnerability arises when a crafted -d argument contains .. sequences that resolve to a directory containing a file whose name includes shell metacharacters, enabling local users to ...

7.2CVSS6.7AI score0.00802EPSS
Exploits1References5Affected Software2
Prion
Prion
added 2008/08/04 7:41 p.m.12 views

Improper access control

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

5CVSS6.5AI score0.02799EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2008/08/04 7:41 p.m.16 views

CVE-2008-3458

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

5CVSS6.2AI score0.02799EPSS
Exploits1References7
Cvelist
Cvelist
added 2008/08/04 7:0 p.m.17 views

CVE-2008-3458

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

6.2AI score0.02799EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2008/07/24 5:9 p.m.7 views

MySQL improper permission revocation

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy...

2.1CVSS7.3AI score0.0174EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/07/10 12:0 a.m.16 views

UnixWare Merge mcd Local Root Exploit

No description provided by source. / 04/2008: public release I have'nt seen any advisory on this; possibly still not fixed. SCO UnixWare Merge mcd Local Root Exploit By qaaz / include stdio.h include stdlib.h include string.h include unistd.h include errno.h include sys/stat.h define TARGET...

7.1AI score
Exploits0
Rows per page
Query Builder