Lucene search
K

7 matches found

Gentoo Linux
Gentoo Linux
added 2010/09/21 12:0 a.m.19 views

python-updater: Untrusted search path

Background python-updater is a script used to remerge python packages when changing Python version. Description Robert Buchholz of the Gentoo Security Team reported that python-updater includes the current working directory and subdirectories in the Python module search path sys.path before calli...

2.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/25 12:0 a.m.39 views

GLSA-200710-23 : Star: Directory traversal vulnerability

The remote host is affected by the vulnerability described in GLSA-200710-23 Star: Directory traversal vulnerability Robert Buchholz of the Gentoo Security team discovered a directory traversal vulnerability in the hasdotdot function which does not identify //.. slash slash dot dot sequences in...

6.8CVSS5.7AI score0.03009EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2007/10/07 12:0 a.m.26 views

libsndfile: Buffer overflow

Background libsndfile is a library for reading and writing various formats of audio files including WAV and FLAC. Description Robert Buchholz of the Gentoo Security team discovered that the flacbuffercopy function does not correctly handle FLAC streams with variable block sizes which leads to a...

7.5CVSS7.2AI score0.04488EPSS
Exploits0
securityvulns
securityvulns
added 2005/09/17 12:0 a.m.21 views

arc insecure temporary file creation

arc insecure temporary file creation Vendor: http://arc.sourceforge.net/ Advisory: http://www.zataz.net/adviso/arc-09052005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low The vulnerability is caused due to temporary file being created insecurely. The temporary fil...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/09/16 12:0 a.m.33 views

[VulnWatch] ncompress insecure temporary file creation

ncompress insecure temporary file creation Vendor: ftp://ftp.leo.org/pub/comp/os/unix/linux/sunsite/utils/compress/ Advisory: http://www.zataz.net/adviso/ncompress-09052005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low The vulnerability is caused due to temporary...

2.1CVSS0.7AI score0.00365EPSS
Exploits0
securityvulns
securityvulns
added 2005/05/17 12:0 a.m.33 views

[Full-disclosure] MySQL < 4.0.12 && MySQL <= 5.0.4 : Insecure tmp file handling

MySQL mysqlinstalldb data manipulation vendor: http://www.mysql.com advisory: http://www.zataz.net/adviso/mysql-05172005.txt vendor informed: yes exploit available:no MySQL contain a security flaw how could allow a malicious local attacker to inject arbitrary SQL commands during database creation...

0.1AI score
Exploits0
FreeBSD
FreeBSD
added 2005/04/13 12:0 a.m.22 views

junkbuster -- heap corruption vulnerability and configuration modification vulnerability

A Debian advisory reports: James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidently overwriting a global variable. Tavis Ormandy from the Gentoo Security Team discovered several heap corruptions due to inconsistent use of an internal...

6.7AI score
Exploits0References2
Rows per page
Query Builder