CVE-2009-5082

The 1 configure and 2 config.guess scripts in GNU troff aka groff 1.20.1 on Openwall GNU//Linux aka Owl improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file...

Rhythmbox - '.m3u' Local Crash (PoC)

Exploit Title: Rhythmbox .m3u Local Crash Poc Vendor: http://projects.gnome.org/rhythmbox/ Author: Caddy-Dz Facebook Page: www.facebook.com/islam.caddy E-mail: [email protected] | [email protected] Website: www.exploit-id.com Category:: webapps Tested on: Ubuntu 10.10 - French Note ! :...

HB Ecommerce SQL Injection

------------- HB ECOMMERCE SQL Injection Vulnerability --------------- ------------------------------------------------------------------------ ------------------------------------------------------------------------ + Exploit Title: HB ECOMMERCE SQL Injection Vulnerability + Google Dork:...

OpenSSL leaks ECDSA private key through a remote timing attack

Overview The OpenSSL ladder implementation for scalar multiplication of points on elliptic curves over binary fields is susceptible to a timing attack vulnerability. This vulnerability can be used to steal the private key of a TLS server that authenticates with ECDSA signatures and binary curves...

Nic.cl Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Main URI: http://www.nic.cl Type: Cross Site Scripting Exploitable URI: http://www.nic.cl/cgi-bin/show-form?f=/example/201001191941%3Cbody%20onload=alert%28this%29%3E3a6 Status: Reported Date: April 20, 2011, 12:27 p.m. Reported on:...

CVE-2011-1548

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated...

Default configuration

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated...

CVE-2011-1548

CVE-2011-1548 concerns the logrotate utility on Debian-based systems, where the default configuration allows a non-root user to trigger symlink and hard-link attacks by exploiting logrotate’s handling of directories that are writable by non-root users. The underlying issue is the program processi...

CVE-2011-1548

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated...

CVE-2011-1548

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated...

CVE-2011-1548

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated...

CVE-2011-0441

The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/...

Code injection

The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/...

CVE-2011-0441

CVE-2011-0441 is a local vulnerability in PHP 5.x packages (notably the Debian/Ubuntu php5 package) where the /etc/cron.d/php5 cron job can be abused by a local user to delete arbitrary files via a symlink attack on a directory under /var/lib/php5. The Debian advisory DSA 2195-1 and Ubuntu USN-13...

CVE-2011-1400

The default configuration of the shellescapecommands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute...

STARTTLS plaintext command injection vulnerability

Overview Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. Description STARTTLS is an extension to plaintext communication protocols that offers a way to upgrade a plaintext connection to an encrypted TLS or SSL connection...

CVE-2010-4338

ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...

CVE-2010-4338

ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...

CVE-2010-4338

ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...

CVE-2010-4338

CVE-2010-4338 affects ocrodjvu 0.4.6-1 on Debian GNU/Linux. Local users can exploit a symlink attack on temporary files created when Cuneiform is invoked as the OCR engine to modify arbitrary files. The impact is described as ability to gain write access to arbitrary files, with local access and ...