Lucene search
+L

30 matches found

Cvelist
Cvelist
added 2001/05/24 4:0 a.m.17 views

CVE-2001-0370

fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters...

6.7AI score0.00307EPSS
Exploits0References2
CVE
CVE
added 2001/05/24 4:0 a.m.48 views

CVE-2001-0370

CVE-2001-0370 affects the fcheck tool prior to version 2.57.59. The vulnerability arises because it calls the file signature checking program insecurely, allowing a local user to execute arbitrary commands by providing a file name containing shell metacharacters. This is a local-elevation style i...

4.6CVSS7AI score0.00307EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2001/03/22 12:0 a.m.39 views

Дырка в fcheck (input validation)

При вызове внешней программы с именем файла не проверяется наличией shell-символов в имени файла...

1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/03/22 12:0 a.m.35 views

fcheck prior to 2.07.59 - vulnerability - improper use of perl 'magic open'

VULNERABLE: Probably all versions prior to 2.07.59 - the author of fcheck can't be bothered to note security fixes in his change log, but most likely all prior versions had this vulnerability. Vulnerability: by placing a carefully crafted filename in a directory checked by vulnerable versions of...

1.4AI score
Exploits0
CVE
CVE
added 2001/01/22 5:0 a.m.52 views

CVE-2000-0296

The CVE-2000-0296 entry documents a local privilege-escalation flaw in fcheck, where embedding shell metacharacters in file names processed by fcheck can allow a local user to gain higher privileges. The description and connected records confirm the affected component is fcheck, with the underlyi...

7.2CVSS7AI score0.00482EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.16 views

CVE-2000-0296

fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck...

6.6AI score0.00482EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2000/04/07 12:0 a.m.31 views

fcheck.txt

The short explanation: fcheck is a file integrity checker written in perl. It can send warnings to syslog via an external program such as logger1. Because it calls system with a scalar argument, a malicious user can cause it to execute programs by creating files with shell metacharacters in their...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/04/03 12:0 a.m.46 views

Дырка fcheck v.2.7.45

Вызов system из скрипта perl без проверки аргумента позволяет пользователю получить привелегии программы сконструировав специальное имя файла...

1AI score
Exploits0References1
securityvulns
securityvulns
added 2000/04/03 12:0 a.m.58 views

fcheck v.2.7.45 and insecure use of Perl's system()

The short explanation: fcheck is a file integrity checker written in perl. It can send warnings to syslog via an external program such as logger1. Because it calls system with a scalar argument, a malicious user can cause it to execute programs by creating files with shell metacharacters in their...

7.6AI score
Exploits0
NVD
NVD
added 2000/03/31 5:0 a.m.8 views

CVE-2000-0296

fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck...

7.2CVSS6.6AI score0.00482EPSS
Exploits1References2
Rows per page
Query Builder