Lucene search
K

147 matches found

Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.17 views

AIX 5.3 TL 8 : at (IZ43455)

The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following file is vulnerable : /usr/bin/at. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the...

4.9CVSS5.5AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.19 views

AIX 5.3 TL 7 : at (IZ43454)

The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following file is vulnerable : /usr/bin/at. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the...

4.9CVSS5.5AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.21 views

AIX 6.1 TL 1 : at (IZ43458)

The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following file is vulnerable : /usr/bin/at. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the...

4.9CVSS5.5AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.30 views

AIX 6.1 TL 2 : at (IZ43459)

The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following file is vulnerable : /usr/bin/at. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the...

4.9CVSS5.5AI score0.00498EPSS
Exploits1References2
0day.today
0day.today
added 2011/06/13 12:0 a.m.22 views

Microsoft WinXP sp2/sp3 local system privilege escalation exploit

Exploit for windows platform in category local exploits Microsoft WinXP sp2/sp3 local system privilege escalation exploit Platform: Windows XP SP2/SP3 Type: local Exploit Author: Todor Donev [email protected] Good luck and Have fun!! Kind regards to so sweet baby Tsvetelina Emirska Thank you...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/06/04 12:0 a.m.27 views

AIX 6.1 : bos.rte.cron (U823854)

The remote host is missing AIX PTF U823854, which is related to the security of the package bos.rte.cron. The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following...

4.9CVSS5.6AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/04/30 12:0 a.m.15 views

AIX 5.3 TL 8 : bos.rte.cron (U822098)

The remote host is missing AIX PTF U822098, which is related to the security of the package bos.rte.cron. The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following...

4.9CVSS5.6AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/04/30 12:0 a.m.15 views

AIX 5.3 TL 7 : bos.rte.cron (U825004)

The remote host is missing AIX PTF U825004, which is related to the security of the package bos.rte.cron. The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following...

4.9CVSS5.6AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/04/30 12:0 a.m.16 views

AIX 5.3 TL 6 : bos.rte.cron (U821986)

The remote host is missing AIX PTF U821986, which is related to the security of the package bos.rte.cron. The at command does not drop permissions when reading certain files. A local attacker may exploit this error to read any file on the system because the command is setuid root. The following...

4.9CVSS5.6AI score0.00498EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.15 views

MDVA-2009:016 : at

The 'at' command scheduler in Mandriva Linux 2009 failed to work at all for users other than root, due to a permission error. This update fixes the issue, making it possible for regular users to run at jobs. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch ...

6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2005/02/08 5:0 a.m.23 views

CVE-2003-1073

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. dot dot sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes pla...

6.6AI score0.00695EPSS
Exploits0References11
CVE
CVE
added 2005/02/08 5:0 a.m.66 views

CVE-2003-1073

CVE-2003-1073 describes a race condition in the Solaris at command (affecting Solaris 2.6 through 9) that allows local users to delete arbitrary files. The flaw occurs when a -r argument containing .. sequences in a job name passes the permission check but before the deletion actually happens, en...

1.2CVSS6.6AI score0.00695EPSS
Exploits0References11Affected Software2
CVE
CVE
added 2005/01/29 5:0 a.m.52 views

CVE-2005-0125

Summary: CVE-2005-0125 affects Mac OS X 10.3.7 and earlier. The at family (at, atrm, batch, atq, atrun) did not properly drop privileges, enabling a local user to delete files, execute commands, or read files via crafted job files. This is a local privilege escalation with potential to access or ...

7.2CVSS7AI score0.00358EPSS
Exploits1References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.40 views

Mandrake Linux Security Advisory : at (MDKSA-2002:007)

zen-parse discovered a problem in the at command containing an extra call to free which can lead to a segfault with a carefully crafted, but incorrect, format. This is caused due to a heap corruption that can be exploited under certain circumstances because the at command is installed setuid root...

7.2CVSS5.5AI score0.01343EPSS
Exploits1References1
NVD
NVD
added 2003/12/31 5:0 a.m.19 views

CVE-2003-1073

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. dot dot sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes pla...

1.2CVSS6.6AI score0.00695EPSS
Exploits0References11
securityvulns
securityvulns
added 2003/01/28 12:0 a.m.28 views

Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: at -r job name handling and race condition vulnerabilities Product: Sun Microsystems Solaris Version: all URL: http://isec.pl/vulnerabilities/isec-0008-sun-at.txt Author: Wojciech Purczynski [email protected] Date: November 1, 2002 Update: Janua...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2003/01/27 12:0 a.m.10 views

Sun Solaris 2.52.67.089 AT Command - Arbitrary File Deletion

Sun Solaris 2.52.67.089 AT Command - Arbitrary File Deletion source: https://www.securityfocus.com/bid/6692//info The at utility shipped with Sun Solaris may be prone to an issue which may allow attackers to delete arbitrary files on the system. The vulnerability occurs when using at with the '-r...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2003/01/27 12:0 a.m.23 views

isec-0008-sun-at.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Synopsis: at -r job name handling and race condition vulnerabilities Product: Sun Microsystems Solaris Version: all URL: http://isec.pl/vulnerabilities/isec-0008-sun-at.txt Author: Wojciech Purczynski Date: November 1, 2002 Update: January 27, 2003...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/27 12:0 a.m.28 views

Sun Solaris 2.5/2.6/7.0/8/9 AT Command - Arbitrary File Deletion

source: https://www.securityfocus.com/bid/6692//info The at utility shipped with Sun Solaris may be prone to an issue which may allow attackers to delete arbitrary files on the system. The vulnerability occurs when using at with the '-r' option. This option is used to remove previously scheduled ...

7.4AI score
Exploits0
NVD
NVD
added 2002/09/09 4:0 a.m.25 views

CVE-2002-1614

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at...

7.2CVSS7.4AI score0.02122EPSS
Exploits0References5
Rows per page
Query Builder