Splunk Universal Forwarder 安全漏洞

Splunk Universal Forwarder is a Splunk component from Splunk, Inc. A security vulnerability exists in Splunk Universal Forwarder versions prior to 9.4.2, prior to 9.3.4, prior to 9.2.6, and prior to 9.1.9 that stems from improperly assigned installation directory permissions...

CVE-2023-25542

Dell Trusted Device Agent, versions prior to 5.3.0, contains an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges...

Information disclosure

Dell Trusted Device Agent, versions prior to 5.3.0, contains an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges...

Jenkins Vulnerable to Denial of Service (DoS)

Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service improper plug-in and tool installation via crafted update center data...

cactushop-mdb.txt

Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...

CACTUSHOP 6 Default Installation Allows Remote Database Disclosure

Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...

CVE-2001-0136

ProFTPD 1.2.0rc2 is affected by a memory leak that can be exploited to cause DoS via a sequence of USER commands and, if the server is installed with a writable scoreboard, possibly SIZE commands. Mandrake advisory notes the USER and SIZE leaks (SIZE only when scoreboard is writable) and mentions...

Digital Ultrix 4.04.1 - usrbinchroot Local Privilege Escalation

Digital Ultrix 4.04.1 - usrbinchroot Local Privilege Escalation source: https://www.securityfocus.com/bid/17/info By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges. $...

Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Local Privilege Escalation

source: https://www.securityfocus.com/bid/17/info By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges. $ mkdir /tmp/etc $ echo root::0:0::/:/bin/sh /tmp/etc/passwd $...