Lucene search
K

1036 matches found

seebug.org
seebug.org
added 2007/11/17 12:0 a.m.44 views

Apple Mac OS X v10.4.11之前版本多个安全漏洞

BUGTRAQ ID: 26444 CVECAN ID:...

10CVSS6.3AI score0.07452EPSS
Exploits2
Prion
Prion
added 2007/11/15 1:46 a.m.17 views

Directory traversal

Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory...

4.6CVSS5.8AI score0.0045EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2007/11/15 1:46 a.m.19 views

CVE-2007-4683

Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory...

4.6CVSS5.6AI score0.0045EPSS
Exploits1References8
CVE
CVE
added 2007/11/15 1:0 a.m.50 views

CVE-2007-4683

Apple Mac OS X 10.4.x kernels are affected by CVE-2007-4683, a local directory traversal vulnerability in the kernel that allows a local user to bypass chroot restrictions by using a relative path when changing the current working directory. The issue affects Mac OS X 10.4 through 10.4.10; impact...

4.6CVSS6.7AI score0.0045EPSS
Exploits1References8Affected Software1
UbuntuCve
UbuntuCve
added 2007/10/16 12:17 a.m.44 views

CVE-2007-5471

libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service daemon exit via a GSS-TSIG request. NOTE: this issue probably affects other daemons that...

7.8CVSS6AI score0.02603EPSS
Exploits0References1
NVD
NVD
added 2007/10/04 5:17 p.m.21 views

CVE-2007-5194

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...

6.9CVSS6.6AI score0.0029EPSS
Exploits0References5
Prion
Prion
added 2007/10/04 5:17 p.m.17 views

Code injection

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...

6.9CVSS7.1AI score0.0029EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/10/04 5:0 p.m.24 views

CVE-2007-5194

The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges...

6.6AI score0.0029EPSS
Exploits0References5
CVE
CVE
added 2007/10/04 5:0 p.m.50 views

CVE-2007-5194

The CVE-2007-5194 entry concerns the Chroot server in rMake 1.0.11. A local-priority issue arises because it creates a /dev/zero device file with read/write permissions for the rMake user and shares the minor device number with /dev/port, enabling potential local privilege escalation to root. The...

6.9CVSS6.6AI score0.0029EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2007/08/30 12:0 a.m.32 views

CVE-2006-1863

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864...

2.1CVSS5.9AI score0.01016EPSS
Exploits1References2
securityvulns
securityvulns
added 2007/08/21 12:0 a.m.59 views

[Full-disclosure] OSNews

http://distrowatch.com/weekly.php?issue=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd00 Someone forget their chroot soup this morning...

0.2AI score
Exploits0
myhack58
myhack58
added 2007/07/14 12:0 a.m.19 views

MPack with virtual hosting and PHP security-vulnerability warning-the black bar safety net

MPack is by a self-proclaimed "Dream Coders Team" of the organization development of the PHP program, which contain a number of the latest exploit code can be used to manipulate the distal end of attacks on Panda Labs at the end of last year when for the first time found that, at the time someone...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/07/05 12:0 a.m.11 views

MDKA-2007:079 : postfix

This update to the postfix package fixes two bugs in the chroot script that in some cases could have prevented postfix from working at all: - The chroot script would malfunction if no postfix dynamic maps were installed - The chroot script would not enforce a safe umask, and could create a chroot...

7.3AI score
Exploits0References1
F5 Networks
F5 Networks
added 2007/05/16 12:0 a.m.26 views

SOL5165 - rsync directory traversal vulnerability - CAN-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. Information about this advisory is available at the following location:...

6.4CVSS2.5AI score0.02317EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2007/04/28 12:0 a.m.4 views

security flaw

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864...

2.1CVSS5.8AI score0.01016EPSS
Exploits1References4
Prion
Prion
added 2007/01/27 12:28 a.m.13 views

Design/Logic Flaw

The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges...

7.2CVSS6.8AI score0.00357EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/01/27 12:28 a.m.15 views

CVE-2007-0536

The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges...

7.2CVSS6.4AI score0.00357EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/01/27 12:0 a.m.18 views

CVE-2007-0536

The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges...

6.4AI score0.00357EPSS
Exploits0References5
CVE
CVE
added 2007/01/27 12:0 a.m.47 views

CVE-2007-0536

The CVE-2007-0536 issue affects rPath Linux 1: the rMake chroot helper fails to drop supplemental groups, causing packages to be installed with insecure permissions and potentially enabling local privilege escalation. Root cause: missing drop of supplemental groups in the chroot helper. Impact: l...

7.2CVSS6.5AI score0.00357EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.35 views

Fedora Core 4 : kernel-2.6.16-1.2108_FC4 (2006-517)

Mark Moseley reported that a chroot environment on a SMB share can be left via 'cd ..'. Similar to CVE-2006-1863 issue with cifs, this fix is for smbfs. CVE-2006-1864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

4.6CVSS5.4AI score0.0116EPSS
Exploits2References1
Rows per page
Query Builder