
2183 matches found

securityvulns
added 2002/06/27 12:00 a.m., 36 views

IRIX pmpost vulnerability

SGI Security Advisory. Title: pmpost vulnerability. Number: 20010601-01-I. Date: June 24, 2002. Reference: SGI Security Advisory 20010601-01-A. Reference: CVE-2001-0823. Issue Specifics: It's been reported that the Performance Co-Pilot...

CVSS 7.2, AI score 6.5, EPSS 0.00975
Exploits: 1

Exploit DB
added 2002/06/17 12:00 a.m., 33 views

Wolfram Research webMathematica 4.0 - File Disclosure

source: https://www.securityfocus.com/bid/5035/info Wolfram Research's webMathematica is a Java based product which allows the inclusion of Mathematica content in a web environment. It includes CGI programs which generate image content based on user supplied input. A file disclosure vulnerability...

AI score 7
Exploits: 0

exploitpack
added 2002/05/31 12:00 a.m., 17 views

QNX RTOS 4.25 - monitor Arbitrary File Modification

source: https://www.securityfocus.com/bid/4902/info The QNX RTOS monitor utility is prone to an issue which may allow local attackers to modify arbitrary system files such as /etc/passwd. monitor is installed setuid root by default. The monitor ...

AI score 7.4
Exploits: 0

Cvelist
added 2002/03/09 5:00 a.m., 23 views

CVE-2001-0507

IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability...

AI score 6.4, EPSS 0.08521
Exploits: 0, References: 7

security_vulns
added 2002/03/08 12:00 a.m., 24 views

Windows 2000 system partition weak default permissions

Title: Windows 2000 system partition weak default permissions; Affected: Windows 2000; Vendor: Microsoft; Author: ZARAZA; Date: August, 03 2002; Risk: High; Exploitable: Yes; Remote: No; Vendor notified: May, 17 2002; SECURITY.NNOV URL: http://www.security.nnov.ru; Advanced info:...

AI score 7.5
Exploits: 0

securityvulns
added 2002/01/16 12:00 a.m., 35 views

Unauthorized access via Efax (unauthorized access)

Any system file can be read by specifying it as the configuration file in the -d option; buffer overflow in the -x option...

AI score 1.2
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2001/09/12 4:00 a.m., 42 views

CVE-1999-1300

Technical details for CVE-1999-1300 are not publicly provided in the supplied documents. No affected product/version or remediation are stated here. Monitor for updates.

CVSS 3.6, AI score 6.7, EPSS 0.00324
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2001/09/08 12:00 a.m., 33 views

sglMerchant Version 1.0

sglMerchant Version 1.0 by SeaGlass Technologies, Inc has the old bug ExploiT: www.server.com/cgi-shop/viewitem? HTMLFILE=../../../../../../etc/passwd00&KEY=1900- 0999 XP- TEAM DonHuan [email protected]...

AI score 3.2
Exploits: 0

CERT
added 2001/08/21 12:00 a.m., 24 views

Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files

Overview: Aladdin Ghostscript, a previewer for postscript files, creates temporary files with predictable names. The creation allows attackers to use symbolic links to overwrite other files on the host. Description: Aladdin Ghostscript is a previewer for postscript files. It creates temporary fil...

CVSS 3.7, AI score 6.4, EPSS 0.00322
Exploits: 0, References: 8

Exploit DB
added 2001/07/13 12:00 a.m., 24 views

Horde 1.2.x/2.1.3 and Imp 2.2.x/3.1.2 - File Disclosure

source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI parameters. By specifying a malicious INBOX file in a request,...

AI score 7.4
Exploits: 0

exploitpack
added 2001/05/18 12:00 a.m., 22 views

ARCservIT 6.616.63 Client - inetd.tmp Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/2748/info ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to corrupt arbitrary files. When it runs with the parameters 'inet add', 'asagent',...

AI score 7.4
Exploits: 0

exploitpack
added 2001/05/18 12:00 a.m., 20 views

ARCservIT 6.616.63 Client - asagent.tmp Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/2741/info ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to overwrite arbitrary files. When it runs for the first time, 'asagent', opens an...

AI score 0.3
Exploits: 0

exploitpack
added 2001/05/07 12:00 a.m., 18 views

Drummond Miles A1Stats 1.0 - a1disp4.cgi Traversal Arbitrary File Read

source: https://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummond Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as...

AI score 0.1
Exploits: 0

Exploit DB
added 2001/03/18 12:00 a.m., 30 views

MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting

source: https://www.securityfocus.com/bid/2522/info MySQL is a relational database management system (RDBMS), freely available and open source. It is maintained by MySQL AB. A problem with the implementation of some MySQL databases may permit local users to overwrite sensitive system files. This...

AI score 7.4
Exploits: 0

securityvulns
added 2000/12/14 12:00 a.m., 23 views

More holes in various Shopping Carts

Reverse directory traversal allows access to system files. In some cases the price list can be modified...

AI score 0.5
Exploits: 0, References: 8, Affected Software: 7

securityvulns
added 2000/12/05 12:00 a.m., 22 views

Hole in diskcheck

Incorrect handling of temporary files allows any system file to be overwritten via symbolic links...

AI score 0.5
Exploits: 0, References: 2, Affected Software: 1

securityvulns
added 2000/11/08 12:00 a.m., 30 views

iXsecurity.20001107.compaq-wbm.a

iXsecurity Security Vulnerability Report. No: iXsecurity.20001107.compaq-wbm.a. Vulnerability Summary. Problem: The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files. Threat: Anyone that ha...

AI score 0.1
Exploits: 0

securityvulns
added 2000/09/12 12:00 a.m., 23 views

Hole in many PHP implementations

Because the server does not reset some variables that can be set by the user, the user can specify the temporary file used during upload, which allows system files to be compromised...

AI score 0.3
Exploits: 0, References: 3, Affected Software: 1

securityvulns
added 2000/09/12 12:00 a.m., 73 views

Unsafe passing of variables to mailform.pl in MailForm V2.0

Title: Unsafe passing of variables to mailform.pl in MailForm V2.0 For Unix or NT Advisory Author: Karl Hanmore [email protected] Script URL: http://rlaj.com/scripts/mailform Script Author: Ranson Johnson Advisory Released: 11 September 2000 Vendor notified: [email protected] 05 Sept...

AI score 6.8
Exploits: 0

Exploit DB
added 2000/03/11 12:00 a.m., 24 views

AT Computing atsar_linux 1.4 - File Manipulation

source: https://www.securityfocus.com/bid/1048/info atsar is a linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains information via /dev/kmem. atsadc will accept as a...

AI score 7
Exploits: 0