EUVD-2003-1313

Malware in sbrugna...

Catalyst Mahara Group File Access Vulnerability

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Catalyst Mahara. An attacker could exploit the vulnerability to cause group members to be unable to access uploaded...

CVE-2017-1000134

Affected Mahara versions: 1.8 before 1.8.6, 1.9 before 1.9.4, 1.10 before 1.10.1, and 15.04 before 15.04.0. Issue: when a group member changes access permissions on uploaded group files, other group members can lose access to those files. Root cause is a group-file permissions problem within Maha...

krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005)

It was found that ftpd, a Kerberos-aware FTP server, did not properly drop privileges. On Red Hat Enterprise Linux 5, the ftpd daemon did not check for the potential failure of the krb5setegid function call. On systems where the set real, set effective, or set saved group ID system calls might...

krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005)

It was found that ftpd, a Kerberos-aware FTP server, did not properly drop privileges. On Red Hat Enterprise Linux 5, the ftpd daemon did not check for the potential failure of the krb5setegid function call. On systems where the set real, set effective, or set saved group ID system calls might...