5 matches found
EUVD-2012-3487
Malware in sbrugna...
LPRng 3.6.x Failure To Drop Supplementary Groups Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2865/info The LPRng software is an enhanced, extended, and portable implementation of the Berkeley LPR print spooler functionality. When the LPRng daemon is initialized, it fails to drop its supplementary groups. As a...
CVE-2012-3537
The Crowbar Ohai plugin chef/cookbooks/ohai/files/default/plugins/crowbar.rb in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names...
Samba 2.0.x - Insecure TMP File Symbolic Link
Samba 2.0.x - Insecure TMP File Symbolic Link // source: https://www.securityfocus.com/bid/2617/info Samba is a flexible file sharing packaged maintained by the Samba development group. It provides interoperatability between UNIX and Microsoft Windows systems, permitting the sharing of files and...
Slackware Linux - usrbinppp-off Insecure tmp Call
Slackware Linux - usrbinppp-off Insecure tmp Call !/bin/sh In SlackWare Linux the script /usr/bin/ppp-off writes the output of 'ps x' to /tmp/grep.tmp. Since root is the user that runs ppp-off, a non-privileged user could create a link from /tmp/grep.tmp to any fileie: /etc/issue, thus when root...