Lucene search
K

410 matches found

securityvulns
securityvulns
added 2001/01/24 12:0 a.m.29 views

Проблемы с crontab (symlink)

Проблема символьных линков при использовании crontab -e Можно прочитать любой файл. В FreeBSD - любой начинающийся с символа...

0.5AI score
Exploits0References2Affected Software2
securityvulns
securityvulns
added 2001/01/24 12:0 a.m.21 views

Небольшая дырка в Crontab FreeBSD

Можно открыть любой файл в формает Crontab, в т.ч. расписания других пользователей...

0.5AI score
Exploits0References1Affected Software1
FreeBSD Advisory
FreeBSD Advisory
added 2001/01/23 12:0 a.m.4 views

FreeBSD-SA-01:09.crontab

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:09 Security Advisory FreeBSD, Inc. Topic: crontab allows users to read certain files REVISED Category: core Module: crontab Announced: 2001-01-23 Revised: 2001-01-25...

6AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.26 views

CVE-2000-0972

HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates...

5.4AI score0.01283EPSS
Exploits1References2
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.24 views

CVE-2000-1096

crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating...

7.2AI score0.00786EPSS
Exploits1References3
CVE
CVE
added 2001/01/22 5:0 a.m.54 views

CVE-2000-0972

HP-UX 11.00 crontab allows local users to read arbitrary files through the -e option by creating a symlink to the target file during the crontab session, then quitting and reading the error messages crontab generates. Affected software: HP-UX 11.00 crontab. Root cause: symlink exposure via cronta...

5.5CVSS6.7AI score0.01283EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.56 views

CVE-2000-1096

The CVE-2000-1096 entry concerns the crontab utility by Paul Vixie, where temporary files are created with predictable names and there is insufficient verification that the file is owned by the user running crontab -e. This enables local users who have write access to the crontab spool directory ...

3.7CVSS7.6AI score0.00786EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2001/01/09 5:0 a.m.21 views

CVE-2000-1096

crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating...

3.7CVSS7.2AI score0.00786EPSS
Exploits1References3
NVD
NVD
added 2000/12/19 5:0 a.m.18 views

CVE-2000-0972

HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates...

5.5CVSS5.4AI score0.01283EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2000/12/19 12:0 a.m.4 views

PT-2000-1882 · Hewlett Packard · Hp-Ux

Name of the Vulnerable Software and Affected Versions: HP-UX version 11.00 Description: The issue allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab...

5.5CVSS6.5AI score0.01283EPSS
Exploits1References6
exploitpack
exploitpack
added 2000/11/21 12:0 a.m.28 views

vixie-cron - Local Privilege Escalation

vixie-cron - Local Privilege Escalation !/bin/sh echo '.-------------------------------------------------------------------------.' echo '| Marchew Hyperreal Industries ................... |' echo "| ...well, it is just me, but it is more elite to speak as a group... |" echo...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/21 12:0 a.m.55 views

vixie-cron - Local Privilege Escalation

!/bin/sh echo '.-------------------------------------------------------------------------.' echo '| Marchew Hyperreal Industries ................... |' echo "| ...well, it is just me, but it is more elite to speak as a group... |" echo "--------------------------------- presents...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/11/19 12:0 a.m.10 views

HP-UX 11.0010.20 crontab - Overwrite Files

HP-UX 11.0010.20 crontab - Overwrite Files !/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e ...

0.2AI score
Exploits0
0day.today
0day.today
added 2000/11/19 12:0 a.m.12 views

HP-UX 11.00/10.20 crontab Overwrite Files Exploit

Exploit for hp-ux platform in category dos / poc ================================================= HP-UX 11.00/10.20 crontab Overwrite Files Exploit ================================================= !/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho email protected Usage : ./crontab.sh if -z "$1"...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/19 12:0 a.m.360 views

HP-UX 11.00/10.20 crontab - Overwrite Files

!/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e 2 /tmp/crontab$$ grep -v "error on previous...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/11/17 12:0 a.m.111 views

vixie cron...

Attached shell-script exploits fopen + preserved umask vulnerability in Paul Vixie's cron code. It will work on systems where /var/spool/cron is user-readable eg. 0755 - AFAIR Debian does so. RedHat at least 6.1 and previous have mode 0700 on /var/spool/cron, and thus it isn't exploitable in its...

7AI score
Exploits0
securityvulns
securityvulns
added 2000/10/25 12:0 a.m.54 views

Re: [ Hackerslab bug_paper ] HP-UX crontab temporary file symboliclink vulnerability

Hi, Tested on 4.0-RELEASE FreeBSD 4.0-RELEASE 9 4.1-RELEASE FreeBSD 4.1-RELEASE 1: Can read any file wich start with comment simbol $ ls -l /etc/sudoers -r-------- 1 root wheel 313 24 oct 20:20 /etc/sudoers $ id uid=1002alf gid=1002alf groups=1002alf $ crontab -e /tmp/crontab.hLmjTbK417 :!sh Make...

2.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/10/24 12:0 a.m.25 views

hp-ux.crontab.sh

Hackerslab bugpaper HP-UX crontab temporary file symbolic link vulnerability Attach ====================== crontab.sh ================================ !/bin/sh HP-UX 11.00 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabex...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/10/24 12:0 a.m.33 views

[ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic link vulnerability

============================================================================ ==== Hackerslab bugpaper HP-UX crontab temporary file symbolic link vulnerability ============================================================================ ==== File : /usr/bin/crontab SYSTEM : HP-UX Tested in HP-UX...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2000/10/20 12:0 a.m.17 views

HP-UX 10.2011.0 - crontab tmp File

HP-UX 10.2011.0 - crontab tmp File source: https://www.securityfocus.com/bid/1845/info crontab is a binary in the cron package of the HP-UX cron implementation which allows a user to create a file of scheduled commands. A vulnerabiltiy in crontab exists that allows a user to read any file on an...

7.4AI score
Exploits0
Rows per page
Query Builder