19 matches found
SUSE CVE-2008-4815
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH...
Design/Logic Flaw
frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f e.g. fcore, fcatch, fstack, fstep, ... shipped in the package. A local attacker can exploit this vulnerability by running arbitrary...
CVE-2008-3278
frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f e.g. fcore, fcatch, fstack, fstep, ... shipped in the package. A local attacker can exploit this vulnerability by running arbitrary...
Compaq/Hewlett Packard Glance 11.00 Privilege Escalation Vulnerability
It has been identified that binaries that are executed with elevated privileges SetGID and SetUID programs in Compaq/HP's Glance for Linux have been compiled in manner that means they searched for libraries in insecure locations. Versions 11.00 and below are affected. Vulnerability title:...
Compaq/Hewlett Packard Glance 11.00 Privilege Escalation
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux CVE: CVE-2014-2630 Vendor: Compaq/Hewlett Packard Product: Glance for Linux Affected version: 11.00 and subsequent Fixed version: HPSBMU03086 rev.3 Reported by: Tim...
CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2 CVE: CVE-2014-0907 Vendor: IBM Product: DB2 Affected version: V9.1, V9.5, V9.7, V10.1 and V10.5 Fixed version: V9.7 FP9a, V10.1 FP3a, V10.1 FP4 and V10.5 FP3a Reported by: Tim Brown Details: It ha...
CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux CVE: CVE-2013-6216 Vendor: HP Product: HP Array Configuration...
BMC Patrol For AIX Insecure RPATH Use
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in BMC Patrol for AIX CVE: CVE-2014-2591 Vendor: BMC Product: Patrol for AIX Affected version: 3.9.00 Fixed version: N/A Reported by: Tim Brown Details: It has been identified that binaries that are executed...
RedHat Update for ibutils RHSA-2012:0311-03
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
acroread: use of insecure RPATH (APSB10-21)
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors...
RedHat Update for brltty RHSA-2010:0181-05
Check for the Version of brltty OpenVAS Vulnerability Test RedHat Update for brltty RHSA-2010:0181-05 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
RedHat Update for brltty RHSA-2010:0181-05
Check for the Version of brltty OpenVAS Vulnerability Test RedHat Update for brltty RHSA-2010:0181-05 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CentOS Update for openoffice.org CESA-2008:0538 centos4 x86_64
Check for the Version of openoffice.org OpenVAS Vulnerability Test CentOS Update for openoffice.org CESA-2008:0538 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
CentOS Update for openoffice.org CESA-2008:0538 centos4 i386
Check for the Version of openoffice.org OpenVAS Vulnerability Test CentOS Update for openoffice.org CESA-2008:0538 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...
CVE-2008-4815
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH...
openoffice.org: insecure relative RPATH in OOo 1.1.x packages
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org OOo 1.1.x on Red Hat Enterprise Linux RHEL 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in...
Important: Red Hat Security Advisory: openoffice.org security update
Updated openoffice.org packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...
GLSA-200509-05 : Net-SNMP: Insecure RPATH
The remote host is affected by the vulnerability described in GLSA-200509-05 Net-SNMP: Insecure RPATH James Cloos reported that Perl modules from the Net-SNMP package look for libraries in an untrusted location. This is due to a flaw in the Gentoo package, and not the Net-SNMP suite. Impact : A...
Net-SNMP: Insecure RPATH
Background Net-SNMP is a suite of applications used to implement the Simple Network Management Protocol. Description James Cloos reported that Perl modules from the Net-SNMP package look for libraries in an untrusted location. This is due to a flaw in the Gentoo package, and not the Net-SNMP suit...