14 matches found
EUVD-2005-0581
Malware in sbrugna...
EUVD-2000-0977
Malware in sbrugna...
CVE-2005-0580
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file...
Gentoo Security Advisory GLSA 200502-30 (cmd5checkpw)
The remote host is missing updates announced in advisory GLSA 200502-30. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200502-30 (cmd5checkpw)
The remote host is missing updates announced in advisory GLSA 200502-30. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-200502-30 : cmd5checkpw: Local password leak vulnerability
The remote host is affected by the vulnerability described in GLSA-200502-30 cmd5checkpw: Local password leak vulnerability Florian Westphal discovered that cmd5checkpw is installed setuid cmd5checkpw but does not drop privileges before calling execvp, so the invoked program retains the cmd5check...
CVE-2005-0580
CVE-2005-0580 affects cmd5checkpw, where the setuid program does not drop privileges before invoking execvp, enabling local users to read the /etc/poppasswd file. Connected sources (Gentoo GLSA 200502-30, Red Hat advisory, NVD/CVE entry, OpenVAS plugin) corroborate that the root cause is improper...
CVE-2005-0580
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file...
[ GLSA 200502-30 ] cmd5checkpw: Local password leak vulnerability
Gentoo Linux Security Advisory GLSA 200502-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
CVE-2005-0580
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file...
cmd5checkpw: Local password leak vulnerability
Background cmd5checkpw is a checkpassword compatible authentication program that uses CRAM-MD5 authentication mode. Description Florian Westphal discovered that cmd5checkpw is installed setuid cmd5checkpw but does not drop privileges before calling execvp, so the invoked program retains the...
CVE-2000-0990
Technical details about CVE-2000-0990 (affected software, root cause, impact, fixes) are not publicly available in the provided connected documents. Monitor for updates.
CVE-2000-0990
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username...
CVE-2000-0990
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username...