2509 matches found
Xsan Filesystem fails to properly process path names
Overview A buffer overflow vulnerability in Apple's Xsan product may allow a local attacker to run arbitrary code with root privileges or create a denial-of-service condition. Description Xsan FilesystemXsan is a Storage Area Network SAN filesystem designed for use by Apple OS X and OS X Server...
CentOS 3 : tar (CESA-2006:0195)
An updated tar package that fixes a path traversal flaw is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that...
GLSA-200605-05 : rsync: Potential integer overflow
The remote host is affected by the vulnerability described in GLSA-200605-05 rsync: Potential integer overflow An integer overflow was found in the receivexattr function from the extended attributes patch xattr.c for rsync. The vulnerable function is only present when the 'acl' USE flag is set...
Authentication flaw
publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and...
Farmers WIFE 4.4 sp1 - FTP Remote System Access
Farmers WIFE 4.4 sp1 - FTP Remote System Access !/usr/bin/perl kokanin 20060106 // farmers wife server 4.4 sp1 allows us to use ../../../ patterns as long as we stand in a folder where we have write access. haha, that's what you get for implementing your own access control instead of relying on t...
Linksys Router Default Password (HTTP)
This Linksys Router has the default password set for the web administration console. SPDX-FileCopyrightText: 2002 Digital Defense Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
GLSA-200506-21 : Trac: File upload vulnerability
The remote host is affected by the vulnerability described in GLSA-200506-21 Trac: File upload vulnerability Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the 'id' parameter when uploading attachments to the wiki or the bug tracking system. Impact : A remote...
SGI Irix rpc.mountd privilege escalation
Under some conditions write access is possible to read only exports...
[SA15619] SGI IRIX rpc.mountd "read-mostly" Exports Read/Write Access
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-1238
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request...
CVE-2004-2613
Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a...
DEBIAN-CVE-2004-1438
The modauthzsvn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command...
Multiple Symantec security appliances do not allow the SNMP read-write community string to be changed
Overview A vulnerability exists in multiple Symantec security appliances that could allow a remote attacker to modify the configuration of the device using SNMP. Description The Simple Network Management Protocol SNMP enables network and system administrators to remotely monitor and configure...
security flaw
Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...
CuteNews News.txt writable to world
Date: August 29, 2004 Vender: http://www.cutephp.com/ Program: CuteNews Versions affected: = 1.3.6 Bug: CuteNews News.txt writable to world Type: Author: e0r www: http://www.rootthief.com/ team: !Sui-Generes !Sui Email: homicidal @ gmail . com ----------------------------- Discription: Cute news ...
GLSA-200407-20 : Subversion: Vulnerability in mod_authz_svn
The remote host is affected by the vulnerability described in GLSA-200407-20 Subversion: Vulnerability in modauthzsvn Users with write access to part of a Subversion repository may bypass read restrictions on any part of that repository. This can be done using an 'svn copy' command to copy the...
GLSA-200404-01 : Insecure sandbox temporary lockfile vulnerabilities in Portage
The remote host is affected by the vulnerability described in GLSA-200404-01 Insecure sandbox temporary lockfile vulnerabilities in Portage A flaw in Portage's sandbox wrapper has been found where the temporary lockfiles are subject to a hard-link attack which allows linkable files to be...
GLSA-200408-05 : Opera: Multiple new vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200408-05 Opera: Multiple new vulnerabilities Multiple vulnerabilities have been found in the Opera web browser. Opera fails to deny write access to the 'location' browser object. An attacker can overwrite methods in this object a...
Opera: Multiple new vulnerabilities
Background Opera is a multi-platform web browser. Description Multiple vulnerabilities have been found in the Opera web browser. Opera fails to deny write access to the "location" browser object. An attacker can overwrite methods in this object and gain script access to any page that uses one of...
Subversion: Vulnerability in mod_authz_svn
Background Subversion is an advanced version control system, similar to CVS, which supports additional functionality such as the ability to move, copy and delete files and directories. A Subversion server may be run as an Apache module, a standalone server svnserve, or on-demand over ssh a la CVS...