CVE-2016-4983

A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...

CVE-2013-0415

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package...

Design/Logic Flaw

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package...

CVE-2013-0415

CVE-2013-0415 is linked to Solaris 10 in the Bind/Postinstall script for the Bind package. Connected sources indicate a local, privilege-escalation vulnerability affecting Solaris 10 (both SPARC and x86) with the potential for arbitrary code execution after user/OS authentication and additional c...

file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install.

Hi list, Two small problems I noticed with Oracle Solaris Update Manager and the latest patch cluster on Solaris 10 x86. += Local Root If the system administrator is updating the system using update manager or smpatch multi user mode a race condition exists with the postinstall script for SUNWbin...

PT-2008-6168 · Twiki · Twiki

Name of the Vulnerable Software and Affected Versions: twiki version 4.1.2 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. The vendor disputes this issue, stating it is invalid. Recommendations: For twiki version 4.1.2,...

Solaris 10 (x86) : 119784-40 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: Bind/Postinstall script for Bind package. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...