WihPhoto (PHP)

Informations : °°°°°°°°°°°°°° Version : 0.86-dev Website : http://www.wihsy.com problem : All files from the hard disk can be send by mail PHP Code/Location : °°°°°°°°°°°°°°°°°°° util/email.php : ------------------------------------------------------------------------ ? class CMailFile var...

CVE-2002-1826

grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory...

CVE-2002-0820

CVE-2002-0820: FreeBSD kernels 4.6 and earlier close fds 0, 1, and 2 after they are assigned to /dev/null when the descriptors reference procfs/linprocfs. This could allow a local attacker to reuse those file descriptors in a setuid/setgid program to modify critical data and gain privileges. The ...

IRIX /dev/ipfilter Denial of Service vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: /dev/ipfilter Denial of Service vulnerability Number: 20020408-01-I Date: April 30, 2002 Reference: CAN-2002-0172 - ----------------------- - --- Issue Specifics --- - ----------------------- SGI has determined that the default...

CVE-1999-1285

CVE-1999-1285 affects Linux kernels 2.1.132 and earlier. A local attacker can cause a denial of service by reading a large buffer from a random device (e.g., /dev/urandom) that cannot be interrupted until the read completes. The provided documents specify the vulnerability and impact (resource ex...

CVE-2001-0404

Directory traversal vulnerability in JavaServer Web Dev Kit JSWDK 1.0.1 allows remote attackers to read arbitrary files via a .. dot dot in an HTTP request to the WEB-INF directory...

CVE-2001-0404

Directory traversal vulnerability in JavaServer Web Dev Kit JSWDK 1.0.1 allows remote attackers to read arbitrary files via a .. dot dot in an HTTP request to the WEB-INF directory...

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter...

CVE-2000-0535

CVE-2000-0535 affects OpenSSL 0.9.4 and OpenSSH on FreeBSD, where FreeBSD Alpha's missing /dev/random or /dev/urandom leads to weak cryptographic keys. The issue arises from improper device checks, resulting in keys that may be easier to break. The provided documents describe the root cause and a...

Проблемы с libdes в NetBSD

Если отсутствует или не функционирует /dev/urandom, используется предсказуемая последовательность при генерации ключей...

Security Advisory 2000-007

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-007 ================================= Topic: bad key generation in libdes if no /dev/urandom Version: Domestic US NetBSD-current between 19990624 and 20000622. No formal releases of NetBSD are vulnerable. Severity: high only if...

Проблемы с /dev/random в FreeBSD на alpha

В версии FreeBSD для платформы alpha отсутствовало устройство /dev/random генерирующее псевдо-случайные последовательности. Тем не менее, многие крипто-программы, включая OpenSSH и OpenSSL генерировали ключи и сертификаты не учитывая этот факт...

CVE-2000-0454

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter...

CVE-2000-0365

The CVE-2000-0365 entry concerns Red Hat Linux 6.0 where the /dev/pts file system is mounted with insecure modes. This configuration allows local users to write to other tty devices. The provided documents describe the affected component (/dev/pts) and the resulting local access impact but do not...

DoS-атака через доменные сокеты UNIX в Linux

: Большой объем информации посланный с помощью sendto через сокет в /dev/log приводит к краху системы...

CVE-1999-0426

CVE-1999-0426 affects Linux prior to 2.0.36 due to default permissions of the /dev/kmem character device, enabling IP spoofing. Root cause: /dev/kmem permissions allowed spoofing without additional privileges. Impact: network-based spoofing risk on affected systems. Mitigation: upgrade to Linux 2...

ssh-1.2.27.txt

------------------------------------------------------------------- Periodically, the moderator of of the vuln-dev mailing list will post summaries of issues discussed there to Bugtraq and possibly other relevant lists. This will usually happen when an issue has been resolved, or it appears that...

kmem.SuSE.txt

Date: Fri, 19 Mar 1999 22:45:29 -0800 From: Aleph One To: [email protected] Subject: The default permissions on /dev/kmem is insecure. SuSE Security Announcement Packages: devs- linux-2.0.35 and below Date: Thu Mar 18 10:22:11 CET 1999 Affected: SuSE 6.0 and below, other Linux distributions Su...

PT-2010-5664 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise affected versions not specified Linux kernel versions prior to 2.6.36.2 Description: The issue involves multiple vulnerabilities in the Linux kernel and SUSE Linux Enterprise packages, including kernel-desktop-devel,...

WSL Dev Channel Insiders

Early preview for the latest kernel updates...