2864 matches found
CVE-2003-0480
CVE-2003-0480 affects VMware Workstation 4.0 for Linux. The vulnerability allows a local user to overwrite arbitrary files and escalate privileges through symlink manipulation. Root cause: symlink manipulation enabling file overwrite and privilege gain. Documents do not provide exploit details or...
VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation
It is possible for a user to gain an esclation in privileges on a system running VMware Workstation 4.0 for Linux systems by symlink manipulation in a world-writable directory such as /tmp. Affected systems: VMware Workstation 4.0 for Linux systems Dates: This was reported to VMware on 2003-06-17...
CVE-2002-1512
xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbrudscheck.dd temporary file...
CVE-2002-1512
BRU Workstation 17.0 is affected by CVE-2002-1512 due to a symlink attack on the xbru_dscheck.dd temporary file, enabling local users to overwrite arbitrary files and gain root privileges. The vulnerability arises from the described local access path and the resulting potential for privilege esca...
CVE-2002-1512
xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbrudscheck.dd temporary file...
Race condition in BRU Workstation 17.0
Backup / Restore Utility BRU ------------------------------ [email protected] - 04/09/02 About: - http://www.tolisgroup.com/ - "BRU Workstation 17.0 Backup & Restore Utility is a functionally-rich backup solution designed for commercial networked systems when the client/server capability o...
Unauthorized access to locked workstation via wireless Logitech keyboards
Hot key still work for locked workstation...
IBM AIX Parallel Systems Support Program (PSSP) contains vulnerability in File Collections subsystem allowing arbitrary access to sensitive configuration files
Overview IBM AIX Parallel Systems Support Programs PSSP contains a vulnerability allowing unauthorized access to files in valid file collections. Description IBM PSSP software is used to provide a central point of management control for a cluster of RS/6000 SP nodes and IBM pSeries and IBM RS/600...
CVE-1999-1452
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting CTRL-V the contents into the username prompt...
Identix BioLogon 3
I released the following to CERT and then realized it was probably not the best place for this issue as the vulnerability is more local network and workstation than Internet. They have not responded within the last 5 days and so I'm forwarding the CERT submission form to SecurityFocus...
ALERT: ISS BlackICE Kernel Overflow Exploitable
ALERT: ISS BlackICE Kernel Overflow Exploitable Release Date: February 8, 2002 Severity: High Systems Affected: BlackICE Defender 2.9 BlackICE Defender for Server 2.9 BlackICE Agent for Workstation 3.0 and 3.1 BlackICE Agent for Server 3.0 and 3.1 RealSecure Server Sensor 6.0.1 and 6.5 Descriptio...
ActiveSync can access a locked workstation w/o unlocking
Microsoft was notified on 3/28/2001, you may use my name when publishing this. I cannot register on your site, so I am trying the general e-mail addresses. Platforms tested: =================================================== Microsoft Windows 2000 Professional build 2195 w/ SP1 Microsoft...
Проблемы с MS ActiveSync (locked workstation access)
Можно получить доступ к заблокированной рабочей станции...
Possible IE5.0 exposure of local environment variables
I ran across this today, anyone have any thoughts? I'm using a moderately patched IE 5.0 browser on NT 4.0 SP5 workstation. Couldn't find any reference to this in the archives, but maybe it's been covered before. I type in the url www.home.com/computername & press enter, then and IE actually...
lock workstation vulnerability in win2000 pro running Netwareclient
I have discovered what appears to be a security flaw in Windows 2000 Pro SP1 machines running Novell's Client 4.71.20000313. I have no way to verify whether or not this extends to other versions. An Example to illustrate: The win 2000 pro workstation is a member of the domain. The user is logged...
Conectiva 4.x5.x RedHat 6.x - pam_console Remote User
Conectiva 4.x5.x RedHat 6.x - pamconsole Remote User source: https://www.securityfocus.com/bid/1513/info There is a vulnerability in the Linux pamconsole module that could allow an attacker to remotely reboot the workstation or perform other actions limited to local users. If a workstation is...
CVE-1999-1452
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting CTRL-V the contents into the username prompt...
pc.anywhere.dos.txt
Date: Fri, 28 May 1999 12:02:15 -0700 From: Chris Radigan To: [email protected] Subject: DoS against PC Anywhere Hello all, This is my first post to the group so I'll try to keep it as brief as possible. Searching through the bugtraq archives, I came across articles 001732, 001734,...
ca.inoculan.nt.txt
Date: Sat, 8 May 1999 14:58:08 +1000 From: Glenn Corbett To: [email protected] Subject: Insecure Bahaviour in Inoculan Client Russ, A problem has been discovered with the InocuLAN client on Windows NT workstations. If an account lockout policy is present on a Windows NT domain, lar...
nt4-ole-clipboard-password.txt
Date: Fri, 29 Jan 1999 10:21:51 -0600 From: "Reed, David" To: [email protected] Subject: ole objects in a "secured" environment? fellow 'noids, background: since all of the major security flaws in windows nt 4.0 have been discovered who am i kidding? ;-, i'd like to point out a min...