14 matches found
SUSE CVE-2026-31717
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
CVE-2026-31717
In the Linux kernel ksmbd, a vulnerability allows an authenticated user to hijack an orphaned durable handle by reconnecting with a different security context. The issue stems from ksmbd not verifying that the requester’s SecurityContext matches the original opener when a durable handle is reconn...
Time-of-check Time-of-use (TOCTOU) Race Condition
snowflake.data is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. The vulnerability is due to improper verification of the file owner when reading a user-provided logging configuration file on Linux and macOS, allowing a local attacker to overwrite the configuration and contro...
ALPINE-CVE-2024-36137
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to...
Security update for inn (moderate)
openSUSE Security Update: Security update for inn Announcement ID: openSUSE-SU-2020:1427-1 Rating: moderate References: 1172573 Cross-References: CVE-2020-8026 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update for in...
OPENSUSE-SU-2020:1304-1 Security update for inn
This update for inn fixes the following issues: - change file owners in /usr/lib/news to root boo1172573 CVE-2020-8026 This update was imported from the openSUSE:Leap:15.1:Update update project...
openSUSE Security Update : inn (openSUSE-2020-1272)
This update for inn fixes the following issues : - change file owners in /usr/lib/news to root boo1172573 CVE-2020-8026 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-1272. The text description of...
AIX 5.1 Bellmail Local Race Condition Exploit Exploit
No description provided by source. -bash-2.05b$ -bash-2.05b$ cat xaix5bellmail.pl !/usr/bin/perl FileName: xaix5bellmail.pl Exploit Race condition vulnerability BUGTRAQ ID: 8805 of /usr/bin/bellmail command on Aix5 to change any file owner to current user. Usage : xaix5bellmail.pl aimfile aimfile...
Updated moodle packages fix multiple security vulnerabilities
Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.9, question strings were not being filtered correctly possibly allowing cross site scripting, as quizquestiontostring can cause invalid HTML CVE-2014-2571. Feedback Availability dates not honored in complete.php in Moodle...
UoW pop2d Remote File Retrieval Vulnerability
This module exploits a vulnerability in the FOLD command of the University of Washington ipop2d service. By specifying an arbitrary folder name it is possible to retrieve any file which is world or group readable by the user ID of the POP account. This vulnerability can only be exploited with a...
AIX 5.1 Bellmail Local Race Condition Exploit (Instructions w/ Exploit)
No description provided by source. -bash-2.05b$ -bash-2.05b$ cat xaix5bellmail.pl !/usr/bin/perl FileName: xaix5bellmail.pl Exploit "Race condition vulnerability BUGTRAQ ID: 8805" of /usr/bin/bellmail command on Aix5 to change any file owner to current user. Usage : xaix5bellmail.pl aimfile aimfi...
x_aix5_bellmail.pl.txt
-bash-2.05b$ -bash-2.05b$ cat xaix5bellmail.pl !/usr/bin/perl FileName: xaix5bellmail.pl Exploit "Race condition vulnerability BUGTRAQ ID: 8805" of /usr/bin/bellmail command on Aix5 to change any file owner to current user. Usage : xaix5bellmail.pl aimfile aimfile : then file wich you want to cho...
Novell Netmail weak permissons
uid/gid 500/500 is incorrectly set as file owner...
AIX 5.1 Bellmail Local Race Condition Exploit (Instructions w/ Exploit)
Exploit for aix platform in category local exploits ======================================================================= AIX 5.1 Bellmail Local Race Condition Exploit Instructions w/ Exploit ======================================================================= -bash-2.05b$ -bash-2.05b$ cat...