HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

Tridium Niagara AX Web Server < 3.5.40.3 / 3.6 < 3.6.47.3 Multiple Vulnerabilities

Binary data 8348.prm...

IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities

IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running on the remote host. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote...

Ubuntu: Security Advisory (USN-2288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

Design/Logic Flaw

The 1 shellexec function in lib/util/MiqSshUtilV1.rb and 2 tempcmdfile function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine CFME before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name...

AOL Instant Messenger 4.x/5.x Buddy Icon Predictable File Location Weakness

No description provided by source. source: http://www.securityfocus.com/bid/9698/info It has been reported that AOL Instant Messenger stores imported Buddy Icons in a predictable location on client systems that may allow an attacker to facilitate further attacks which could eventually lead to...

Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

Macromedia Flash Player 6.0.x Flash Cookie Predictable File Location Weakness

No description provided by source. source: http://www.securityfocus.com/bid/8900/info Macromedia Flash Player is reported to store Flash cookies .sol files in a predictable location on client systems. Other attacks are possible given the ability to store content on a system in a predictable...

Microsoft Outlook 2003 Predictable File Location Weakness

No description provided by source. source: http://www.securityfocus.com/bid/10307/info Microsoft Outlook 2003 is reported to be prone to store files that are specified in img tags, in predictable locations. This may present a security risk because many known and potential Internet Explorer...

Microsoft Windows 2000 Named Pipes Predictability Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1535/info The Service Control Manager SCM is an administrative tool in Windows 2000 which handles the creation and modification of system services such as Server, Workstation, Alerter, and ClipBook. A server-side named pi...

runcms 1.6 - Multiple Vulnerabilities

No description provided by source. Digital Security Research Group Advisory Application: RunCMS Versions Affected: RunCMS 1.6 Vendor URL: http://www.runcms.org Bugs: SQL Injections, XSS, PHP Include, Predictable session id, etc. Exploits: Aviable Reported: 14.12.2007 Vendor response: 15.12.2007...

IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 Multiple Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/9512/info IBM Informix Dynamic Server and IBM Informix Extended Parallel Server have been reported prone to multiple vulnerabilities. The first issue exists in the onedcu binary. Specifically, when the binary is invoked a...

CVS 1.10.7 - Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1136/info CVS stands for Concurrent Versions Software and is an open-source package designed to allow multiple developers to work concurrently on a single source tree, recording changes and controlling versions. It is...

Cscope 13.0/15.x Insecure Temporary File Creation Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/11697/info Cscope creates temporary files in an insecure way. A design error causes the application to fail to verify the presence of a file before writing to it. During execution, the utility reportedly creates temporary...

osTicket STS 1.2 Attachment Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10586/info osTicket is reported prone to a remote command execution vulnerability. The issue is reported to present itself because attachments submitted as a part of a support ticket request are stored with a predictable...

IBM Network Station Manager 2.0 R1 Race Condition Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/900/info IBM's Network Station Manager is a client/server application which facilitates management for IBM Network Stations. It is possible to locally gain root priviliges on hosts running the NetStation daemon. NetStatio...

Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other...

Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities

No description provided by source. ====================================================================== Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability ====================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions...

MGASA-2014-0274 Updated ctdb package fixes CVE-2013-4159

Updated ctdb packages fix security vulnerability: ctdb before 2.5 is vulnerable to symlink attacks to due the use of predictable filenames in /tmp, such as /tmp/ctdb.socket CVE-2013-4159...