6 matches found
Symlink Attack
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Symlink Attack via the DataDump.add process. An attacker can gain ownership of arbitrary directories and their contents by creating a symlink within their own directory that points to...
CVE-2026-26279
Froxlor is open source server administration software. Prior to 2.3.4, a typo in Froxlor's input validation code == instead of = completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings in the...
CVE-2020-25758
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...
UBUNTU-CVE-2018-12029
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passengerinstanceregistrydir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but befor...
Solaris Update for bsmunconv overwrites root cron tab if cu created /tmp/root 111069-01
Check for the Version of bsmunconv overwrites root cron tab if cu created /tmp/root OpenVAS Vulnerability Test Solaris Update for bsmunconv overwrites root cron tab if cu created /tmp/root 111069-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Solaris Update for bsmunconv overwrites root cron tab if cu created /tmp/root 111069-01
Check for the Version of bsmunconv overwrites root cron tab if cu created /tmp/root OpenVAS Vulnerability Test Solaris Update for bsmunconv overwrites root cron tab if cu created /tmp/root 111069-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...