EUVD-2007-4119

Malware in sbrugna...

CVE-2012-3292

The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...

CVE-2012-3292

CVE-2012-3292 affects the GridFTP component of Globus Toolkit (GT) prior to 5.2.2, where insufficient validation of a name lookup (getpwnam_r) could cause privilege escalation if a login uses a non-existent user, allowing GridFTP to run as the last user in the password file. Public references in ...

CVE-2012-3292

The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...

[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:240 http://www.mandriva.com/security/ Package : libnfsidmap Date : December 7, 2007 Affected: 2007.0, Corporate 4.0 Problem Description: The NFSv4 ID mapper prior to 0.17 did not properly handle return value...

CVE-2007-4135

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...