17 matches found
EUVD-2007-4119
Malware in sbrugna...
Globus Toolkit GridFTP Server < 3.42 / 6.11 'getpwnam_r()' Authentication Bypass Vulnerability
According to its self-reported version number, the remote FTP server is running a version of GridFTP Server earlier than 3.42 / 6.11. Such versions reportedly are affected by an authentication bypass vulnerability caused by incorrect use of 'getpwnamr'. When a 'gridmap' file is improperly...
CVE-2012-3292
The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...
DEBIAN-CVE-2012-3292
The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...
CVE-2012-3292
The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...
CVE-2012-3292
The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...
CVE-2012-3292
CVE-2012-3292 affects the GridFTP component of Globus Toolkit (GT) prior to 5.2.2, where insufficient validation of a name lookup (getpwnam_r) could cause privilege escalation if a login uses a non-existent user, allowing GridFTP to run as the last user in the password file. Public references in ...
CVE-2012-3292
The GridFTP in Globus Toolkit GT before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnamr function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the la...
Mandriva Update for libnfsidmap MDKSA-2007:240 (libnfsidmap)
Check for the Version of libnfsidmap OpenVAS Vulnerability Test Mandriva Update for libnfsidmap MDKSA-2007:240 libnfsidmap Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Mandriva Update for libnfsidmap MDKSA-2007:240 (libnfsidmap)
Check for the Version of libnfsidmap OpenVAS Vulnerability Test Mandriva Update for libnfsidmap MDKSA-2007:240 libnfsidmap Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:240 http://www.mandriva.com/security/ Package : libnfsidmap Date : December 7, 2007 Affected: 2007.0, Corporate 4.0 Problem Description: The NFSv4 ID mapper prior to 0.17 did not properly handle return value...
nfs-utils-lib NFSv4 user id mapping flaw
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
Code injection
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...
CVE-2007-4135
CVE-2007-4135 affects the NFSv4 ID mapper (libnfsidmap) prior to 0.17. The root cause is improper handling of return values from getpwnam_r during username lookup, which can cause a file to be reported as owned by root instead of nobody when the file exists on the server but not on the client. Pu...