116 matches found
CVE-2015-1196
CVE-2015-1196 is confirmed in the provided documents as a vulnerability in GNU patch 2.7.1 where a symlink attack in a patch file allows remote attackers to write to arbitrary files. The connected advisories/feeds reference this CVE alongside other patches for GNU patch (e.g., CVE-2014-9637, CVE-...
CVE-2015-1196
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...
CVE-2015-1196
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...
CVE-2014-0177
The CVE-2014-0177 issue affects hub (Ruby gem) prior to 1.12.1, where the am function in lib/hub/commands.rb is vulnerable to a symlink attack on a temporary patch file, allowing local users to overwrite arbitrary files (integrity impact). The documented root cause is a vulnerable file-overwrite ...
CVE-2014-0177
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...
UBUNTU-CVE-2014-0177
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...
Design/Logic Flaw
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file...
PT-2014-3519 · Github · Hub
Name of the Vulnerable Software and Affected Versions: hub versions prior to 1.12.1 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file. This is due to a problem in the am function in lib/hub/commands.rb. Recommendations: For...
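Oracle Solaris 10 Rollback Patch File Password Hash Disclosure Vulnerability
CVE ID: CVE-2011-0412 Solaris is a computer operating system developed by Sun Microsystems. The rollback patch file undo.Z in Oracle Solaris 10 contains password hashes that are readable by unauthorized users, and local users can use this vulnerability to disclose sensitive information. The vulnerability arises because /var/sadm/pkg/pkgname/save/patchid/ for certain software packages stores the "undo.Z" rollback file insecurely, which can allow extraction of files containing the password hashes of root and other users. Sun Solaris 10.0 Vendor patch: Sun --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...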
TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability
Exploit for unknown platform in category remote exploits. TmaxSoft JEUS Alternate Data Streams File Disclosure Vulnerability. Title: TmaxSoft JEUS Alternate Data...
Directory traversal
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...
Novell Distributed Print Services (NDPS) Print Provider (NDPPNT.DLL) Remote Overflow
The file 'ndppnt.dll' included with the Novell Client software reportedly contains an unspecified buffer overflow. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(23769); script_version("1.17"); script_cvs_date("Date: 2018/07/16 14:09:15"); script_cve_id("CVE-2006-6443");...