EUVD-2008-1089

Malware in sbrugna...

LinuxCIFS utils: Multiple Vulnerabilities

Background The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems. Description Multiple vulnerabilities have been discovered in LinuxCIFS utils. Please review the CVE identifiers referenced below for details. Impact A stack-based buffer overflow when parsing the...

LinuxCIFS: Shell injection

Background The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems. Description The mount.cifs utility had a shell injection issue where one can embed shell commands via the username mount option. Those commands will be run via popen in the context of the user...

Gentoo Security Advisory GLSA 201206-29 (mount-cifs)

The remote host is missing updates announced in advisory GLSA 201206-29. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Gentoo Security Advisory GLSA 200903-07 (samba)

The remote host is missing updates announced in advisory GLSA 200903-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

nfs-utils: Access restriction bypass

Background nfs-utils contains the client and daemon implementations for the NFS protocol. Description Michele Marcionelli reported that nfs-utils invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups. Impact A remote attacker could bypass...

Gentoo Security Advisory GLSA 200501-44 (ncpfs)

The remote host is missing updates announced in advisory GLSA 200501-44. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200705-15 (samba)

The remote host is missing updates announced in advisory GLSA 200705-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200411-22 (davfs2)

The remote host is missing updates announced in advisory GLSA 200411-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVE-2008-1078

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expnPID temporary file. NOTE: this is the same issue as CVE-2003-0308.1...

CVE-2008-1078

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expnPID temporary file. NOTE: this is the same issue as CVE-2003-0308.1...

CVE-2008-1078

CVE-2008-1078 affects the expn component of am-utils (and related net-fs usage) on Gentoo, rPath Linux, and other distros. The issue is an insecure temporary-file handling in expn that allows a local user to perform a symlink attack on expn[PID], enabling overwriting of arbitrary files. This vuln...

Samba: Multiple vulnerabilities

Background Samba is a suite of SMB and CIFS client/server programs for UNIX. Description A format string vulnerability exists in the VFS module when handling AFS file systems and an infinite loop has been discovered when handling file rename operations. Impact A user with permission to write to a...