Digital Unix 4.0 MSGCHK MH_PROFILE Symbolic Link Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before opening user...

CVE-2013-5573

Cross-site scripting XSS vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration...

Cross site scripting

Cross-site scripting XSS vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration...

Medium: xinetd

Issue Overview: It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitra...

[ MDVSA-2013:248 ] xinetd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:248 http://www.mandriva.com/en/support/security/ Package : xinetd Date : October 10, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated xinetd package fixes security...

RHEL 5 / 6 : xinetd (RHSA-2013:1409)

An updated xinetd package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

response_splitting

This plugin will find response splitting vulnerabilities. The detection is done by sending "w3af\r\nVulnerable: Yes" to every injection point, and reading the response headers searching for a header with name "Vulnerable" and value "Yes". Plugin type Audit Options This plugin doesnt have any user...

CVE-2013-2548

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the...

CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...

Design/Logic Flaw

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

Design/Logic Flaw

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...

CVE-2013-2547

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

UBUNTU-CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...

CVE-2013-2546

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...

MySQL (Linux) - Database Privilege Escalation

MySQL Linux - Database Privilege Escalation use DBI; $|=1; =for comment MySQL privilege elevation Exploit This exploit adds a new admin user. By Kingcope Tested on Debian Lenny mysql-5.0.51a OpenSuSE 11.4 5.1.53-log How it works: This exploit makes use of several things: The attacker is in...

MySQL (Linux) - Database Privilege Escalation

use DBI; $|=1; =for comment MySQL privilege elevation Exploit This exploit adds a new admin user. By Kingcope Tested on Debian Lenny mysql-5.0.51a OpenSuSE 11.4 5.1.53-log How it works: This exploit makes use of several things: The attacker is in possession of a mysql user with 'file' privileges...

Scientific Linux Security Update : vsftpd on SL5.x i386/x86_64

A memory leak was discovered in the vsftpd daemon. An attacker who is able to connect to an FTP service, either as an authenticated or anonymous user, could cause vsftpd to allocate all available memory if the 'denyfile' option was enabled in vsftpd.conf. CVE-2007-5962 As well, this updated packa...

Cross site scripting

Cross-site scripting XSS vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter aka Email address field in an edituser configuration action...

Fedora 16 : rocksndiamonds-3.3.0.1-5.fc16 (2012-1567)

Apply fix for user configuration/cache directory permission issue CVE-2011-4606, bz766805. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Fedora 15 : rocksndiamonds-3.3.0.1-5.fc15 (2012-1553)

Apply fix for user configuration/cache directory permission issue CVE-2011-4606, bz766805. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...