Solaris 10 (sparc) : 119783-32

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Bind/Postinstall script for Bind package. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...

Solaris 10 (x86) : 119784-31

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Bind/Postinstall script for Bind package. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...

Cohu 3960HD 'webupgrade' function file upload vulnerability

The Cohu 3960HD is an IP zoom camera from Cohu USA that is typically used as a traffic camera. A file upload vulnerability exists in the 'webupgrade' function in the Cohu 3960HD, which stems from the program failing to validate a file or process uploaded by the firmware. An attacker can exploit t...

Malicious Module

pandora-doomsday and test-module-a are modules which can infect other modules. During installation, the module runs a postinstall script that adds the package's author mr-robot as an owner to every other package owned by the user that ran the npm install method...

CVE-2016-4983

A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...

CVE-2013-0415

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package...

CVE-2013-0415

CVE-2013-0415 is linked to Solaris 10 in the Bind/Postinstall script for the Bind package. Connected sources indicate a local, privilege-escalation vulnerability affecting Solaris 10 (both SPARC and x86) with the potential for arbitrary code execution after user/OS authentication and additional c...

file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install.

Hi list, Two small problems I noticed with Oracle Solaris Update Manager and the latest patch cluster on Solaris 10 x86. += Local Root If the system administrator is updating the system using update manager or smpatch multi user mode a race condition exists with the postinstall script for SUNWbin...

PT-2008-6168 · Twiki · Twiki

Name of the Vulnerable Software and Affected Versions: twiki version 4.1.2 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. The vendor disputes this issue, stating it is invalid. Recommendations: For twiki version 4.1.2,...

Solaris 10 (x86) : 119784-40 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Bind/Postinstall script for Bind package. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...