Lucene search
+L

2509 matches found

openvas
openvas
added 2010/10/10 12:0 a.m.17 views

Debian: Security Advisory (DSA-2108-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.6AI score0.0515EPSS
Exploits0References3
packetstorm
packetstorm
added 2010/10/06 12:0 a.m.243 views

Microsoft IIS FTP Server NLST Response Overflow

$Id: ms09053ftpdnlst.rb 10558 2010-10-05 23:39:14Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS6.4AI score0.90913EPSS
Exploits11
cvelist
cvelist
added 2010/09/03 7:0 p.m.25 views

CVE-2010-2226

The xfsswapext function in fs/xfs/xfsdfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file...

5.8AI score0.00434EPSS
Exploits1References18
cve
cve
added 2010/09/03 7:0 p.m.112 views

CVE-2010-2226

CVE-2010-2226 affects the Linux kernel: the xfs_swapext function in fs/xfs/xfs_dfrag.c does not properly validate file descriptors passed to the SWAPEXT ioctl, enabling a local user with write access to swap a file into another and gain read access. The issue is present in kernel versions before ...

2.1CVSS6.9AI score0.00434EPSS
Exploits1References18Affected Software1
securityvulns
securityvulns
added 2010/03/10 12:0 a.m.47 views

CORE-2009-0813: Windows Movie Maker and Microsoft Producer IsValidWMToolsStream() Heap Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Windows Movie Maker and Microsoft Producer IsValidWMToolsStream Heap Overflow 1. Advisory Information Title: Windows Movie Maker and Microsoft Producer...

9.3CVSS7.4AI score0.26636EPSS
Exploits9
packetstorm
packetstorm
added 2010/02/10 12:0 a.m.20 views

Microsoft IIS WebDAV Write Access Code Execution

$Id: iiswebdavuploadasp.rb 8413 2010-02-08 19:12:59Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.2AI score
Exploits0
metasploit
metasploit
added 2010/02/08 7:4 p.m.40 views

Microsoft IIS WebDAV Write Access Code Execution

This module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script via a WebDAV PUT request. The target IIS machine must meet these conditions to be considered as exploitable: It allows 'Script resource access', Read and Wri...

7.2AI score
Exploits0
cvelist
cvelist
added 2009/09/21 7:0 p.m.32 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.1AI score0.00495EPSS
Exploits2References2
openvas
openvas
added 2009/09/11 12:0 a.m.31 views

OXID eShop Community Edition Unauthorized Write Access Vulnerability

This host is installed with OXID eShop Community Edition and is prone to unauthorized access vulnerability. OpenVAS Vulnerability Test $Id: secpodoxideshopunauthwritevuln.nasl 5122 2017-01-27 12:16:00Z teissa $ OXID eShop Community Edition Unauthorized Write Access Vulnerability Authors: Nikita M...

5CVSS0.5AI score0.00949EPSS
Exploits0References2
openvas
openvas
added 2009/09/11 12:0 a.m.22 views

OXID eShop Community Edition 4.x <= 4.1.1 Unauthorized Write Access Vulnerability

OXID eShop Community Edition is prone to unauthorized access vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.6AI score0.00949EPSS
Exploits0References2
openvas
openvas
added 2009/09/02 12:0 a.m.70 views

Microsoft IIS FTPd NLST stack overflow

Microsoft IIS FTPd NLST stack overflow The Microsoft IIS FTPd service may be vulnerable to a stack overflow via the NLST command. On Microsoft IIS 5.x this vulnerability can be used to gain remote SYSTEM level access, whilst on IIS 6.x it has been reported to result in a denial of service. Whilst...

9CVSS5.5AI score0.90913EPSS
Exploits11References1
cert
cert
added 2009/08/31 12:0 a.m.15 views

Microsoft Internet Information Server (IIS) FTP server NLST stack buffer overflow

Overview The Microsoft IIS FTP server contains a stack buffer overflow in the handling of directory names, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description IIS is a web server that comes with Microsoft Windows. IIS also includes FTP server...

8.3AI score
Exploits0References3
nessus
nessus
added 2009/08/20 12:0 a.m.32 views

IBM DB2 8.1 < Fix Pack 18 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 8.1 running on the remote host is affected by one or more of the following issues : - A local attacker may be able to gain write access to an arbitrary file using DAS, which could lead to gaining root privileges. IZ34149 - It may be possible t...

5CVSS7.8AI score0.02179EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2009/05/20 12:0 a.m.2 views

PT-2009-4203 · Netmechanica · Netdecision Tftp Server

Name of the Vulnerable Software and Affected Versions: NetMechanica NetDecision TFTP Server version 4.2 Description: The issue allows remote attackers to read or modify arbitrary files via directory traversal sequences in the 1 GET or 2 PUT command. Recommendations: For NetMechanica NetDecision...

10CVSS6.5AI score0.5451EPSS
Exploits7References8
openvas
openvas
added 2009/04/09 12:0 a.m.18 views

Mandriva Update for tar MDKSA-2007:173 (tar)

Check for the Version of tar OpenVAS Vulnerability Test Mandriva Update for tar MDKSA-2007:173 tar Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

6.8CVSS0.02743EPSS
Exploits1References2
prion
prion
added 2008/12/24 6:29 p.m.23 views

Design/Logic Flaw

xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1 console/tty, 2 console/limit, or 3 image/device-model-pid...

7.2CVSS7AI score0.01042EPSS
Exploits1References7Affected Software1
cvelist
cvelist
added 2008/12/24 5:0 p.m.24 views

CVE-2008-5716

xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1 console/tty, 2 console/limit, or 3 image/device-model-pid...

7.8AI score0.00358EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2008/10/03 5:41 p.m.26 views

CVE-2008-4405

xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1...

7.2CVSS5.9AI score0.01042EPSS
Exploits1References2
openvas
openvas
added 2008/09/24 12:0 a.m.21 views

Gentoo Security Advisory GLSA 200605-05 (rsync)

The remote host is missing updates announced in advisory GLSA 200605-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.4AI score0.03633EPSS
Exploits0
openvas
openvas
added 2008/09/24 12:0 a.m.16 views

Gentoo Security Advisory GLSA 200605-05 (rsync)

The remote host is missing updates announced in advisory GLSA 200605-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03633EPSS
Exploits0References3
Rows per page
Query Builder