191 matches found
Analysis of black anti-CD QQ black hand-vulnerability warning-the black bar safety net
Look at the hack line of Defense for the official announcement, 6 issues disc this month I promote the column, the moving network vulnerabilities using the animation included with the tool will make the antivirus Alarm, tips for Trojan-PSW. Win32. QQShou. ed. A thought, my old magic computer blac...
Compromised Windows System (hosts File Check)
The remote Windows host uses the file 'System32\drivers\etc\hosts' to fix the name resolution of some sites to localhost or internal systems. Some viruses or spyware modify this file to prevent antivirus software or other security software from obtaining updates. Nessus has found one or more...
Analysis of black anti-CD QQ black hand-vulnerability warning-the black bar safety net
Article author: 混世魔王 QQ: 2 6 8 3 6 6 5 9 Information source: evil octal information security team www.eviloctal.com) Note: this article has been published in the hacker defence magazine cheat money, master skip, there are deficiencies, but also look pointing. Look at the hack line of Defense for...
CVE-2006-1296
Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via a malicious beagle-info program in the current working directory, or possibly directories specified in the PATH...
CVE-2006-1197
SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program...
CVE-2006-1197
SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program...
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass source: https://www.securityfocus.com/bid/15347/info Zone Labs Zone Alarm is prone to a weakness that permits the bypassing of the Advanced Program Control protection. Reports indicate that applications can create a modal dialog box...
FTP Writable Directories
By crawling through the remote FTP server, Nessus discovered several directories were marked as being world-writable. This could have several negative impacts : - Temporary file uploads are sometimes immediately available to all anonymous users, allowing the FTP server to be used as a 'drop' poin...
CVE-2002-2017
sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd...
CVE-2004-1149
Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions ACLs, which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe...
CVE-2004-0850
Star before 1.5alpha46 does not drop the effective user ID euid before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to reference a malicious program...
CVE-2002-1469
scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...
CVE-2002-1239
QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program...
CVE-2004-0157
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program...
PT-2003-1835 · Sco · Sco Internet Manager
Name of the Vulnerable Software and Affected Versions: SCO Internet Manager mana affected versions not specified Description: The issue allows local users to execute arbitrary programs. This is achieved by setting the REMOTE ADDR environment variable to make menu.mana run as if it were called fro...
AIX 4.35.1 - diagrpt Arbitrary Privileged Program Execution
AIX 4.35.1 - diagrpt Arbitrary Privileged Program Execution source: https://www.securityfocus.com/bid/2916/info AIX ships with a diagnostic reporting utility called 'diagrpt'. This utility is installed setuid root by default. When 'diagrpt' executes, it relies on an environment variable to locate...
Microsoft Virtual Machine allows applets write access to the Standard Security Manager
Overview A flaw in the Microsoft virtual machine Microsoft VM could allow malicious Java applets to block other, legitimate applets from running, resulting in a denial-of-service condition. Description The Microsoft virtual machine Microsoft VM enables Java programs to run on Windows platforms. T...
BubbleMon 1.x Kernel - Memory File Descriptor Leakage
BubbleMon 1.x Kernel - Memory File Descriptor Leakage source: https://www.securityfocus.com/bid/5714/info It has been reported that BubbleMon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to...
WMNet2 1.0 6 - Kernel Memory File Descriptor Leakage
source: https://www.securityfocus.com/bid/5719/info It has been reported that wmnet2 is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file descriptors for /dev/mem and...
WMNet2 1.0 6 - Kernel Memory File Descriptor Leakage
WMNet2 1.0 6 - Kernel Memory File Descriptor Leakage source: https://www.securityfocus.com/bid/5719/info It has been reported that wmnet2 is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to...