Lucene search
K

36 matches found

ossfuzz
ossfuzz
added 2019/11/17 2:7 p.m.10 views

opensc:fuzz_pkcs15_reader: Heap-buffer-overflow in coolkey_get_certificate

Project: https://github.com/OpenSC/OpenSC.git Detailed Report: https://oss-fuzz.com/testcase?key=5652332327206912 Project: opensc Fuzzing Engine: libFuzzer Fuzz Target: fuzzpkcs15reader Job Type: libfuzzerasanopensc Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...

6.8AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.20 views

Oracle: Security Advisory (ELSA-2007-0631)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS6.5AI score0.00301EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.27 views

Scientific Linux Security Update : coolkey on SL5.x i386/x86_64

Steve Grubb discovered a flaw in the way coolkey created a temporary directory. A local attacker could perform a symlink attack and cause arbitrary files to be overwritten. CVE-2007-4129 In addition, the updated packages contain fixes for the following bugs in the CAC Smart Card support : - CAC...

3.3CVSS5.4AI score0.00301EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2007/11/19 12:0 a.m.25 views

coolkey security and bug fix update

1.1.0-5 - 1777 is not octal and does not set the correct bits should be 01777 1.1.0-4 - fix cache location to be more secure 1.1.0-3 - replace the install stuff 1.1.0-2 - Back out RHEL-4 version of spec from CVS, add pcsc-lite-lib requires. 1.1.0-1 - Pick up lates release...

3.3CVSS2.7AI score0.00301EPSS
Exploits1
seebug.org
seebug.org
added 2007/11/09 12:0 a.m.32 views

CoolKey以不安全的方式创建PK11IPC1临时文件漏洞

BUGTRAQ ID: 26369 CVECAN ID: CVE-2007-4129 CoolKey是PKI解决方案的一部分,提供智能卡登录、单点登录、安全邮件访问等服务。 CoolKey在不安全的方式创建临时文件,本地攻击者可能利用此漏洞覆盖系统文件。 CoolKey以完全可写的权限创建/tmp/.pk11ipc1临时目录,该目录中的文件也是完全可写的,因此本地攻击者可以执行符号链接攻击导致覆盖任意文件。 CoolKey CoolKey 1.0.1 CoolKey CoolKey 1.0 RedHat ------...

3.3CVSS0.1AI score0.00301EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2007/11/08 11:46 a.m.23 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3CVSS6AI score0.00301EPSS
Exploits1References1
NVD
NVD
added 2007/11/08 11:46 a.m.24 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3CVSS6.1AI score0.00301EPSS
Exploits1References7
Prion
Prion
added 2007/11/08 11:46 a.m.19 views

Directory traversal

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3CVSS6.3AI score0.00301EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2007/11/08 11:46 a.m.7 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

6AI score
Exploits0References7
OSV
OSV
added 2007/11/08 11:46 a.m.2 views

DEBIAN-CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3CVSS6.7AI score0.00301EPSS
Exploits1References1
Cvelist
Cvelist
added 2007/11/08 11:0 a.m.26 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

6AI score0.00301EPSS
Exploits1References7
CVE
CVE
added 2007/11/08 11:0 a.m.65 views

CVE-2007-4129

CVE-2007-4129 affects CoolKey 1.1.0, where a local attacker can exploit a symlink in /tmp/.pk11ipc1/ to overwrite arbitrary files. This is a local impact vulnerability with the root cause in how temporary folders are created. Public sources confirm the issue and reference vendor advisories and pa...

3.3CVSS6AI score0.00301EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2007/11/08 11:0 a.m.42 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3CVSS6.1AI score0.00301EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/11/08 12:0 a.m.34 views

RHEL 5 : coolkey (RHSA-2007:0631)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0631 advisory. coolkey contains the driver support for the CoolKey and Common Access Card CAC Smart Card products. The CAC is used by the U.S. Government. Steve Gru...

3.3CVSS5.9AI score0.00301EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2007/11/07 9:0 a.m.28 views

Low: Red Hat Security Advisory: coolkey security and bug fix update

Updated coolkey packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. coolkey contains the driver support for the CoolKey and Common Access Card CAC Smar...

3.3CVSS5.8AI score0.00301EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/11/07 9:0 a.m.6 views

coolkey file and directory permission flaw

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3CVSS5.9AI score0.00301EPSS
Exploits1References4
Rows per page
Query Builder