EUVD-2001-1305

Malware in sbrugna...

idtools.org Cross Site Scripting vulnerability OBB-1201855

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

idtools.org Improper Access Control vulnerability

Security Researcher kun-fly Helped patch 557 vulnerabilities Received 7 Coordinated Disclosure badges Received 40 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting idtools.org website and its users. Following coordinated an...

CVE-2001-1324

The CVE-2001-1324 issue affects Paul Jarc’s idtools (cvmlogin and statfile) prior to 2001-06-27, where the code does not properly validate the return value of pathexec_env. This absence of check could allow setuid to the UID environmental variable, enabling local privilege escalation. The availab...

CVE-2001-1324

cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexecenv function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges...