993 matches found
opera -- multiple vulnerabilities in Java implementation
Marc Schoenefeld reports: Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain unacceptable privileges. This allows them to be used for information gathering spying of local identity information and system configurations as well as causing annoying crash...
Mandrake Linux Security Advisory : LPRng (MDKSA-2002:042)
Matthew Caron pointed out that using the LPRng default configuration, the lpd daemon will accept job submissions from any remote host. These updated LPRng packages modify the job submission policy in /etc/lpd.perms to refuse print jobs from remote hosts by default. %NASLMINLEVEL 70300 C Tenable...
CVE-2004-0087
The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088...
Castelle Faxpress: Password used for NT Print queue can be discl osed in Plain Text
Overview I have reported this to Castelle and they told me it is a feature for troubleshooting, however they will make the change the next time they release the Faxpress Software. I just thought that other admins should be made aware so they can check their systems are secured correctly. Printing...
Eyedog ActiveX control incorrectly marked "safe for scripting"
Overview Versions of the Eyedog ActiveX control current circa August, 1999, are incorrectly marked safe for scripting. Description Eyedog is an ActiveX control that was used to perform diagnostic function in Windows. It was marked as safe for scripting, which means that it could be called from...
CVE-2000-0723
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config...
iis-unicode.txt
Recently I received an email from Par Osterberg that directed my attention to a post in the Packetstorm forums: http://209.143.242.119/cgi-bin/cbmc/forums.cgi?authkey=anonymous&uname=anonymous&datopic=Windows&mesgcheck=defined&gum=474&editoron= An anonymous person posts that they can run arbitrar...
CVE-2000-0723
The CVE-2000-0723 entry concerns Helix GNOME Updater (helix-update) version 0.5 and earlier, where improper handling of /tmp leads to local users creating empty system configuration files (e.g., /etc/config.d/bashrc, /etc/config.d/csh.cshrc, /etc/rc.config). This vulnerability arises from inadequ...
CVE-2000-0723
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config...
Multiple Local Vulnerabilities in Helix Gnome Installer
Multiple Vulnerabilities In Helix Gnome Installer 0.2 VULNERABILITIES: The Helix installer contains multiple locally exploitable vulnerabilities. 1. Several of the gdmify functions are vulnerable to attack because they use system and /tmp in unsafe manners SuSE and Caldera A mkdir of the right pa...
RH6_rpmmail_exploit.txt
Greetings, A vulnerability exists in the rpmmail package distributed on the Red Hat 6.0 Extra Applications CD. The potential compromise for this bug could be remote or local root or simply remote command execution as "nobody" or similar, depending on your system configuration. By sending a...
sshd-1.x-2.x-login.txt
Date: Sat, 23 Jan 1999 17:06:44 -0500 From: KuRuPTioN To: [email protected] Subject: SSH 1.x and 2.x Daemon There seems to be incomplete code in the SSH daemon in both versions 1.2.27 and 2.0.11 only tested. The bug simply allows users who with expired accounts in /etc/shadow to continue to...
CVE-1999-0305
The system configuration control sysctl facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the 1 dosourceroute or 2 forwarding variables are set, which allows remote attackers to spoof TCP...