Lucene search
K

160 matches found

exploitpack
exploitpack
added 2005/03/25 12:0 a.m.22 views

Smail 3 - Multiple RemoteLocal Vulnerabilities

Smail 3 - Multiple RemoteLocal Vulnerabilities // source: https://www.securityfocus.com/bid/12899/info Smail-3 is reported prone to multiple vulnerabilities. These issues can allow a local or remote attacker to execute arbitrary code on a vulnerable computer. A successful attack may lead to a...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/12/28 12:0 a.m.39 views

GLSA-200412-25 : CUPS: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200412-25 CUPS: Multiple vulnerabilities CUPS makes use of vulnerable Xpdf code to handle PDF files CAN-2004-1125. Furthermore, Ariel Berkman discovered a buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltop...

9.3CVSS6.2AI score0.08954EPSS
Exploits4References8
securityvulns
securityvulns
added 2004/12/24 12:0 a.m.34 views

Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation

Venustech AD-Lab www.venustech.com.cn Security Advisory Advisory: ADLAB-04003Linux 2.6. Kernel Capability LSM Module Local Privilege Elevation Authors: [email protected] Release: 09/12/04 Class: Design Error Remote: No, local Vulnerable: Linux kernel 2.6. Linux kernel 2.5.72-lsm1...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2003/10/07 12:0 a.m.23 views

SNAP Innovation's PrimeBase Database 4.2 poor default file permissions.

SNAP Innovation's PrimeBase Database 4.2 poor default file permissions and use of symlinks during install. September 1, 2003 I. BACKGROUND From the readme.txt file "The PrimeBase Database Server is a relational Database Management System DBMS for Mac, UNIX and Windows platforms. The PrimeBase...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2003/08/07 12:0 a.m.21 views

D-Link 704p Broadband Router Remote / Local DoS

02 August 2003 Hardware: D-Link 704p Vulnerability: Multiple Local/Remote see below Warning Level: Moderate Description: This small advisory is on the D-Link 704p router with firmware version 2.70. The router is a small 4 port DSL/CABLE router. Earlier this year I made a small post on BUGTRAQ abo...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/05 12:0 a.m.36 views

FlashFXP 1.4 - User Password Encryption

// source: https://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites. / Flashfxp sites.dat...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/26 12:0 a.m.45 views

APC < 3.8.0 apcupsd Multiple Vulnerabilities

The remote host is running the apcupsd client which, according to its version number, is affected by multiple vulnerabilities : - The configuration file '/var/run/apcupsd.pid' is by default world-writable. A local attacker could re-write this file with other process IDs in order to crash the...

10CVSS6.5AI score0.05174EPSS
Exploits1References5
NVD
NVD
added 2003/01/02 5:0 a.m.19 views

CVE-2002-1379

OpenLDAP2 OpenLDAP 2 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges...

7.5CVSS7.4AI score0.02912EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2002/12/12 12:0 a.m.28 views

akfingerd 0.5 Multiple Vulnerabilities

The remote finger service appears to vulnerable to a remote attack which can disrupt the service of the finger daemon. This denial of service does not affect other services that may be running on the remote computer, only the finger service can be disrupted. akfingerd version 0.5 or earlier is...

5CVSS5.5AI score0.01397EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2002/09/09 12:0 a.m.38 views

Trillian Instant Messaging 0.x - Credential Encryption

// source: https://www.securityfocus.com/bid/5677/info The Trillian instant messaging client uses weak encryption to store saved authentication credentials for instant messaging services. The credentials are encrypted by using XOR with a static key that is used with every installation of the...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.17 views

CVE-1999-1326

wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR abort file transfer command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files...

6.8AI score0.01522EPSS
Exploits0References3
CVE
CVE
added 2002/03/09 5:0 a.m.66 views

CVE-2001-0635

Red Hat Linux 7.1 is affected by CVE-2001-0635 due to insecure permissions on swap files created at install. The swap files could be world-readable, enabling a local attacker to read sensitive data such as passwords and potentially escalate privileges. The connected Red Hat advisory RHSA-2001:058...

4.6CVSS6.5AI score0.00381EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2001/10/02 12:0 a.m.50 views

RAZOR advisory: multiple Sendmail vulnerabilities

RAZOR Advisory: Multiple Local Sendmail Vulnerabilities ======================================================= Author: Michal Zalewski [email protected] Release Date: 10/01/2001 Assigned CVE numbers: CAN-2001-0713, CAN-2001-0714, CAN-2001-0715 Topic: ------ The Sendmail mail delivery...

4.6CVSS0.1AI score0.00415EPSS
Exploits1
CVE
CVE
added 2001/09/12 4:0 a.m.57 views

CVE-1999-1388

The CVE-1999-1388 entry concerns SunOS 4.1.x, where the passwd utility is vulnerable to a local symlink attack via the -F command line argument. This allows local users to overwrite arbitrary files, due to the underlying symlink race condition in passwd. The affected component is the passwd progr...

6.2CVSS7.2AI score0.00399EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2001/07/27 4:0 a.m.48 views

CVE-2001-0623

CVE-2001-0623 affects the sendfiled component of SAFT on Linux, where privileges are not properly dropped when sending notification emails, enabling a local user to gain privileges (local privilege escalation). The issue is documented in Debian security advisories DSA-050-1 and DSA-052-1, which d...

4.6CVSS6.4AI score0.00802EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2000/11/14 12:0 a.m.25 views

DoS против small http

Наблюдается утечка к памяти при запросе листинга каталога с отсутствующим index.html, сервер перестает отвечать на запросы, если соединения закрывается до начала передачи данных клиенту, кроме того есть локальные атаки...

7.2AI score
Exploits0References1Affected Software1
CVE
CVE
added 2000/04/18 4:0 a.m.59 views

CVE-2000-0107

The CVE-2000-0107 entry concerns the Linux apcd program, which is vulnerable to a local symlink attack that lets an authenticated local attacker modify arbitrary files. The root cause is improper handling of symlinks, enabling file overwrites via symlink manipulation. The available references con...

7.2CVSS6.8AI score0.00788EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2000/02/16 5:0 a.m.129 views

CVE-2000-0147

The CVE-2000-0147 issue affects snmpd on SCO OpenServer, where the SNMP community string is writable by default. This enables local attackers to modify the host’s configuration. Connected sources corroborate the default-write vulnerability but do not provide a patch or explicit remediation details.

2.1CVSS7.4AI score0.00365EPSS
Exploits0References3Affected Software1
NVD
NVD
added 1997/09/01 4:0 a.m.10 views

CVE-1999-1133

HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via 1 vuefile, 2 vuepad, 3 dtfile, or 4 dtpad, which do not authenticate users...

4.6CVSS0.00471EPSS
Exploits0References2
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.12 views

Security Update for Windows Server 2003 for Itanium-based Systems (KB2731847)

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

2.5AI score
Exploits0
Rows per page
Query Builder