CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

2.1CVSS7.1AI score0.00055EPSS

Exploits1References2

OpenVAS•added 2008/09/04 12:0 a.m.•15 views

FreeBSD Ports: ko-helvis

The remote host is missing an update to the system as announced in the referenced advisory. VID 0cf3480d-5fdf-11d9-b721-00065be4b5b6 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

2.1CVSS6.7AI score0.00055EPSS

Exploits1

OpenVAS•added 2008/09/04 12:0 a.m.•18 views

FreeBSD Ports: ko-helvis

The remote host is missing an update to the system as announced in the referenced advisory. VID bb99f803-5fde-11d9-b721-00065be4b5b6 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

2.1CVSS0.00081EPSS

Exploits0

Tenable Nessus•added 2005/07/13 12:0 a.m.•13 views

FreeBSD : helvis -- arbitrary file deletion problem (0cf3480d-5fdf-11d9-b721-00065be4b5b6)

The setuid root elvprsv utility, used to preserve recovery helvis files, can be abused by local users to delete with root privileges. The problem is that elvprsv deletes files when it thinks they have become corrupt. When elvprsv is pointed to a normal file then it will almost always think the fi...

2.1CVSS5.5AI score0.00055EPSS

Exploits1References3

Tenable Nessus•added 2005/07/13 12:0 a.m.•22 views

FreeBSD : helvis -- information leak vulnerabilities (bb99f803-5fde-11d9-b721-00065be4b5b6)

Once a recovery file has been preserved by the setuid root elvprsv utility it is placed in a worldreadable directory with worldreadable permissions. This possibly allows sensitive information to leak. In addition to this information leak, it is possible for users to recover files that belong to...

2.1CVSS5.3AI score0.00081EPSS

Exploits0References4

NVD•added 2005/05/02 4:0 a.m.•6 views

CVE-2005-0120

helvis 1.8h21 and earlier allows local users to delete arbitrary files via the elvprsv setuid program...

2.1CVSS6.4AI score0.00055EPSS

Exploits1References1

NVD•added 2005/05/02 4:0 a.m.•10 views

CVE-2005-0118

helvis 1.8h21 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users...

2.1CVSS6.1AI score0.00048EPSS

Exploits0References1

Cvelist•added 2005/01/19 5:0 a.m.•10 views

CVE-2005-0118

helvis 1.8h21 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users...

6.1AI score0.00048EPSS

Exploits0References1

Cvelist•added 2005/01/19 5:0 a.m.•11 views

CVE-2005-0120

helvis 1.8h21 and earlier allows local users to delete arbitrary files via the elvprsv setuid program...

6.3AI score0.00055EPSS

Exploits1References1

Cvelist•added 2005/01/19 5:0 a.m.•19 views

CVE-2005-0119

helvis 1.8h21 and earlier allows local users to recover and read the files of other users via the elvrec setuid program...

6.1AI score0.00081EPSS

Exploits0References1

CVE•added 2005/01/19 5:0 a.m.•39 views

CVE-2005-0120

CVE-2005-0120 affects helvis

2.1CVSS6.4AI score0.00055EPSS

Exploits1References1

CVE•added 2005/01/19 5:0 a.m.•40 views

CVE-2005-0118

CVE-2005-0118 affects helvis 1.8h2_1 and earlier. The vulnerability arises because recovery files are stored in world-readable directories with world-readable permissions, allowing local users to read recovered files of other users. Multiple sources (NVD/CVE, FreeBSD VuXML and OpenVAS entries) co...

2.1CVSS6.1AI score0.00048EPSS

Exploits0References1Affected Software1

CVE•added 2005/01/19 5:0 a.m.•66 views

CVE-2005-0119

CVE-2005-0119 affects helvis 1.8h2_1 and earlier, where the setuid elvrec program allows local users to read other users’ files. The FreeBSD vuXML/OpenVAS entries corroborate an information-leak/vector via elvrec/elvprsv, but no specific patched versions or remediation steps are provided in the s...

2.1CVSS6.2AI score0.00081EPSS

Exploits0References1Affected Software1

CVE•added 2001/03/09 5:0 a.m.•71 views

CVE-2001-0220

CVE-2001-0220 describes a buffer overflow in the ja-elvis and ko-helvis ports of the Elvis program that allows local users to gain root privileges. The NVD entry lists a CVSSv2 base score of 7.2 ( HIGH ) with LOCAL attack vector, LOW complexity, no authentication required, and complete impact on ...

7.2CVSS7.3AI score0.00429EPSS

Exploits1References1Affected Software2

Exploit DB•added 2001/03/03 12:0 a.m.•39 views

FreeBSD 3.5.1/4.2 - Ports Package 'elvrec' Local Privilege Escalation

/ ja-elvis & ko-helvis - FreeBSD 3.5.1 & 4.2 ports package local root exploit vulnerable: versions prior to ja-elvis-1.8.41 and ko-helvis-1.8h21 The above two packages contain a file recovery utility 'elvrec', installed suid root4755 by default. The utility is subject to a buffer overflow leading...

7.4AI score

Exploits0

securityvulns•added 2001/02/08 12:0 a.m.•38 views

Ports Security Advisory: FreeBSD-SA-01:21.ja-elvis

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:21 Security Advisory FreeBSD, Inc. Topic: ja-elvis and ko-helvis ports contain a local root compromise Category: ports Module: ja-elvis/ko-helvis Announced: 2001-02-07...

0.2AI score

Exploits0

FreeBSD Advisory•added 2001/02/07 12:0 a.m.•3 views

FreeBSD-SA-01:21.ja-elvis

6AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by