5 matches found
RHEL 4 : libsdp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libsdp: insecure log file handling CVE-2010-4173 Note that Nessus has not tested for this issue but has instead...
RHEL 5 : libsdp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libsdp: insecure log file handling CVE-2010-4173 Note that Nessus has not tested for this issue but has instead...
H-Sphere Control Panel不安全日志文件权限漏洞
H-Sphere Control Panel是多域名/站点管理控制面板程序。 域名/站点管理不安全日志文件权限问题,本地攻击者可以利用漏洞破坏系统文件,造成拒绝服务或特权提升问题。 目前没有详细漏洞细节提供。 Positive Software H-Sphere 2.4.3 http://www.psoft.net/hsphere2info.html...
CVE-2006-4396
The Apple Type Services ATS server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack...
ssmtp insecure file creation
Hi, ssmtp 2.50.6 create a logfile /tmp/ssmtp.log. The data in this logfile is user specified. It's possible to overwrite any file with the permissons of the ssmtp program normally root. The vulnerable call is in logevent. logevent vulnerable call: ifdef LOGFILE iffp = fopen"/tmp/ssmtp.log", "a" !...