246 matches found
Root File Manager - Dangerous filesystem permissions, Runtime privilege escalation, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Root File Manager published at the 'play' market has multiple vulnerabilities...
FireEye Appliance Arbitrary File Disclosure
Just one of many handfuls of FireEye / Mandiant 0day. Been sitting on this for more than 18 months with no fix from those security "experts" at FireEye. Pretty sure Mandiant staff coded this and other bugs into the products. Even more sad, FireEye has no external security researcher reporting...
FireEye Appliance - Unauthorized File Disclosure
FireEye Appliance - Unauthorized File Disclosure Just one of many handfuls of FireEye / Mandiant 0day. Been sitting on this for more than 18 months with no fix from those security "experts" at FireEye. Pretty sure Mandiant staff coded this and other bugs into the products. Even more sad, FireEye...
FireEye Appliance - Unauthorized File Disclosure
Just one of many handfuls of FireEye / Mandiant 0day. Been sitting on this for more than 18 months with no fix from those security "experts" at FireEye. Pretty sure Mandiant staff coded this and other bugs into the products. Even more sad, FireEye has no external security researcher reporting...
elfutils: directory traversal in read_long_names()
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
DEBIAN-CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CUPS 1.6.1 Root File Read
This module exploits a vulnerability in CUPS 'CUPS 1.6.1 Root File Read', 'Description' = %q This module exploits a vulnerability in CUPS 1.6.2, an open source printing system. CUPS allows members of the lpadmin group to make changes to the cupsd.conf configuration, which can specify an Error Log...
cups: privilege escalation for users of the CUPS SystemGroup group
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface...
mount.cifs - chdir() Arbitrary Root File Identification
mount.cifs - chdir Arbitrary Root File Identification Blueliv Advisory 2012-004 - Discovered by: Jesus Olmos Gonzalez at Blueliv - Risk: 5/5 - Impact: 1/5 1. VULNERABILITY ------------------------- linux privileged and arbitrary chdir, this leads to an arbitary file identification as root. 2...
Samba 3.2.0 - 3.2.6 Root File System Access Security Vulnerability
Samba is prone to a system access security vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...
Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation
Xcode OpenBase 9.1.5 OSX - Root File Create Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file...
Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation
!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file anywhere on the filesystem with rw-rw-rw privs. Sorry you can NOT...
Exploit Labs Security Advisory 2005.2
------------------------------------------------------------ - EXPL-A-2005-002 exploitlabs.com Advisory 031 - ------------------------------------------------------------ - Samsung ADSL Modem - AFFECTED PRODUCTS ================= Samsung ADSL Modem Samgsung Eletronics http://www.samsung.com DETAI...
Setuid perl PerlIO_Debug() root owned file creation
Exploit for linux platform in category local exploits =================================================== Setuid perl PerlIODebug root owned file creation =================================================== / Copyright Kevin Finisterre DISCLAIMER I am in no way responsible for your stupidity...
[SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise
-------------------------------------------------------------------------- Debian Security Advisory DSA 557-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2004 http://www.debian.org/security/faq -...
Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability
No description provided by source. / Remote Exploit for Hafiye-1.0 Terminal Escape Sequence Injection Vulnerability Written by Serkan Akpolat Homepage: http://deicide.siyahsapka.org E-mail: deicide siyahsapka org Greets: Virulent, gorny and all other netricians / include stdio.h include sys/types...
Low: Red Hat Security Advisory: : Updated CVS packages fix minor security issue
Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available. CVS is a version control system frequently used to manage source code repositories. A flaw was found in versions of CVS prior to 1.11.10 where a...
SRT2003-04-02-1735 - Progress PROSTARTUP root owned file read
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (3)
source: https://www.securityfocus.com/bid/3865/info CDRDAO is a freely available, open source CD recording software package available for the Unix and Linux Operating Systems. It is maintained by Andreas Mueller. When CDRDAO saves it's configuration to the .cdrdao file in a user's home directory,...
Redhat 7.0 local root (via uucp) (attempt 2)
Affects: RedHat 7.0 possibly others 28 Aug 2001 01:27:24 +1200 uucp vulnerability exposed to vendor 9 Nov 2001 07:14:15 +1300 this makewhatis vulnerability exposed to vendor /usr/sbin/makewhatis An earlier version1 of makewhatis had a fault in the handling of compressed files that allowed executi...