Слабые разрешения в MacOSX (weak permissions)

Пользовательская папка Desktop открыта на запись для всех...

CVE-2001-0706

Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service crash via a mkdir command that specifies a large number of sub-folders...

CVE-2001-0243

Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers t...

Security Vulnerability with Microsoft Index Server 2.0(Sample fil e reveals file info, physical path etc)

Hi I noticed index server sample file is vulnerable which reveals file info and physical path. Vulnerable Microsoft Index Server 2.0 + IIS 4.0 + Windows NT Server 4.0 + Service Pack 6a Details The Index Server Sample file SQLQHit.asp shipped with Microsoft Index Server 2.0 and Option pack 4.0 , i...

Security-issues with Icecast Version 1.3.7

Digit-Labs Security Advisory http://www.digit-labs.org/ Advisory Name: Security-issues with Icecast Version 1.3.7 Release Date: Application: Tested on Icecast Version 1.3.7 Platform: Windows 2000 Prof Severity: Medium Authors: GoLLuM.no mailto:[email protected] Vendor Status: Unknown Executiv...

MacOSX 10.0.X Permissions uncorrectly set

Permissions of /Users/yourname/Desktop which show your desktop is xrwxrwxrwx, allowing every user to read/write on your own Desktop folder. Fix: chmod 755 or chmod 750 /Users/yourname/Desktop Apple have been warned long ago and as of 10.0.4 it is stil not fixed. Les moines...

SlimServe HTTPd ver. 1.1a Directory Traversal

it is possible to view dir. and download files outside of the wwwroot directory. Exploit: http://127.0.0.1/.../ http://127.0.0.1/.../.../directory/file.xxx Solution: disable folder listings it is enabled by default, which will secure you from viewing dir. outside of the wwwroot dir.But it is stil...

Elm 2.5.3 - Alternative-Folder Buffer Overflow

Elm 2.5.3 - Alternative-Folder Buffer Overflow // source: https://www.securityfocus.com/bid/2403/info There is a buffer overflow in elm 2.5 PL3. This overflow is accessible by passing a long string to the -f Alternative-Folder command-line option. This vulnerability may not be restricted to this...

CVE-2000-0884

The CVE-2000-0884 entry describes a directory traversal/command execution vulnerability in Microsoft IIS 4.0 and 5.0. Public sources (SAINT, OpenVAS) confirm that by encoding invalid characters in Unicode (e.g., %c0%af) an attacker can bypass path validation and access the server’s filesystem fro...

Mac OS 9 Multiple Users Control Panel Password Vulnerability

Mac OS 9.04 comes with a 'Multiple Users' Control Panel that allows an administrator called 'Owner' to create user accounts called 'Normal' users with limited access to the computer. The problem is that the Owner password can be removed by a Normal user by moving the 'Users & Groups Data File and...

Проблемы в TrendMicro InterScan VirusWall (shared folder permissons)

При установке создается разделяемая папка, содержащая исполняемые файлы доступная всем пользователям на запись/изменение...

Дырки в Ghostscript

Уязвимость символьных линков при создании временных файлов, кроме того при поиске динамических библиотек используется локальная папка...

Microsoft Internet Explorer 5.5 - 'Index.dat' (MS00-055)

source: https://www.securityfocus.com/bid/1978/info IE 5.5 and possibly other versions stores recently visited URLs and cache folder names in a local file called index.dat. This file is kept in the following known locations: Windows 9x: C:/WINDOWS/Temporary Internet Files/Content.IE5/ Windows 200...

MS IE5 + ftp proxy

Problem: IE5 doesn't use proxy for FTP connection if option "Enable folder view for FTP sites" is checked. This option is checked by default. Configuration: tested in 2 configurations: 1. Windows NT 4.0 wrkst + SP5 + IE5.0 2. Windows NT 4.0 wrkst + SP6a + IE5.01 both has a problems. There is no...

ralfchat12.txt

RALF'S CHAT V.12 - http://www.ralfchat.de Ralf's Chat is a free cgi based chat program. But Ralf's Chat has some awful bugs in it. I played myself with the CGI and discovered that the masterpassword is set by a default password called: mpw So, if someone else who carries on this chatedited the...

CVE-1999-0824

A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users...

FrontPage 98Personal WebServer 1.0 Personal Web Server 2.0 - htimage.exe File Existence Disclosure

FrontPage 98Personal WebServer 1.0 Personal Web Server 2.0 - htimage.exe File Existence Disclosure source: https://www.securityfocus.com/bid/1141/info htimage.exe can be used to determine if a specified path and filename exists on the target host or not. The specified path must be on the same...

All Users startup folder left open if unattended install and OEMP reinstall=1

About a month ago I posted the following to the win2ksecadvice list. However, I received no response. I thought I'd try again since I consider this problem to be pretty serious since it will allow any user to introduce a code stream on another user. I recently noticed a problem with Windows 2000...

Microsoft Windows NT 4.0 - User Shell Folders

Microsoft Windows NT 4.0 - User Shell Folders source: https://www.securityfocus.com/bid/1042/info The registry value HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup specifies the shared startup folder for all users on a system. This key is set...

CVE-2000-0119

The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection...