3037 matches found

Positive Technologies
added 2001/08/31 12:0 a.m. · 3 views

PT-2001-1232 · Qpopper · Qpopper

Name of the Vulnerable Software and Affected Versions: qpopper, affected versions not specified. Description: The qpopper POP server creates lock files with predictable names. This allows local users to cause a denial of service for other users, resulting in a lack of mail access, by creating lock...

5.5 CVSS · 6.2 AI score · 0.00257 EPSS
Exploits 0 · References 6
CERT
added 2001/08/10 12:0 a.m. · 22 views

Keys generated with PGP5i batch mode do not contain sufficient randomness on systems that use /dev/random

Overview: Under certain circumstances, PGP v5.0 generates keys that are not sufficiently random, which may allow an attacker to predict keys and, hence, recover information encrypted with that key. Description: Generating Randomness in PGP Keys: In order to generate cryptographically secure keys, PG...

2.1 CVSS · 6.2 AI score · 0.00262 EPSS
Exploits 0 · References 2
NVD
added 2001/07/25 4:0 a.m. · 17 views

CVE-2001-1104

SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions...

7.5 CVSS · 6.7 AI score · 0.04316 EPSS
Exploits 0 · References 2
NVD
added 2001/07/11 4:0 a.m. · 9 views

CVE-2001-1146

AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack...

1.2 CVSS · 6.1 AI score · 0.00109 EPSS
Exploits 0 · References 3
securityvulns
added 2001/07/10 12:0 a.m. · 34 views

ml85p - driver for Samsung ML-85G and /tmp

ml85p - driver for Samsung ML-85G GDI printers seems to use /tmp insecurely. It seems to use the time function to determine the /tmp files name. root@linux exp strings /usr/bin/ml85p | grep tmp /tmp/ml85gd 401070dd iopl0x3 = 0 400cf2bd timeNULL = 994462668 40100cbf brk0 = 0x8064544 40100cbf...

Exploits 0
securityvulns
added 2001/06/13 12:0 a.m. · 22 views

Hole in man (symbolic link)

When the makewhatis utility runs, temporary files are created with predictable names, which allows an attack using symbolic links...

1 AI score
Exploits 0 · References 2 · Affected Software 1
securityvulns
added 2001/02/13 12:0 a.m. · 35 views

Hole in Microfocus Cobol

During installation, files open for writing and temporary files with predictable names are created...

0.5 AI score
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2001/01/22 5:0 a.m. · 14 views

CVE-2000-0111

The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions...

6.7 AI score · 0.0075 EPSS
Exploits 0 · References 1
CVE
added 2001/01/22 5:0 a.m. · 52 views

CVE-2000-1096

The CVE-2000-1096 entry concerns the crontab utility by Paul Vixie, where temporary files are created with predictable names and there is insufficient verification that the file is owned by the user running crontab -e. This enables local users who have write access to the crontab spool directory ...

3.7 CVSS · 7.6 AI score · 0.00377 EPSS
Exploits 1 · References 3 · Affected Software 1
NVD
added 2001/01/18 5:0 a.m. · 9 views

CVE-2001-1436

Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password...

4.6 CVSS · 6.2 AI score · 0.00343 EPSS
Exploits 1 · References 3
NVD
added 2001/01/01 5:0 a.m. · 14 views

CVE-2001-0163

Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections...

4.6 CVSS · 6.7 AI score · 0.00494 EPSS
Exploits 1 · References 1
securityvulns
added 2000/10/30 12:0 a.m. · 31 views

tcsh: unsafe tempfile in << redirects

PROBLEM: /tmp echo 'hello world' rootfile /tmp chmod 600 rootfile /tmp ln -s rootfile sh$$ /tmp chown -h 666.666 sh$$ /tmp ls -l rootfile sh$$ -rw------- 1 root root 12 Oct 29 03:55 rootfile lrwxrwxrwx 1 666 666 8 Oct 29 03:56 sh12660 - rootfile /tmp cat BAR ? FOO ? BAR FOO o world /tmp ls -l...

2.6 AI score
Exploits 0
CVE
added 2000/10/13 4:0 a.m. · 46 views

CVE-2000-0579

IRIX crontab is affected: it creates temporary files with predictable names and the user’s umask, enabling local users to modify another user’s crontab while it is being edited. The CVSS data indicates local access with partial confidentiality/integrity/availability impact. No remediation details...

3.7 CVSS · 6.7 AI score · 0.00084 EPSS
Exploits 1 · References 2 · Affected Software 1
Cvelist
added 2000/10/13 4:0 a.m. · 14 views

CVE-2000-0445

The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys...

6.7 AI score · 0.00262 EPSS
Exploits 0 · References 4
CVE
added 2000/10/13 4:0 a.m. · 48 views

CVE-2000-0445

The CVE-2000-0445 issue affects PGP 5.x on Unix-like systems where non-interactive (batch) key generation via pgpk can use insufficient randomness collected from /dev/random. The root cause is how PGP v5.0 processes entropy when generating keys in unattended mode, potentially producing weak, pred...

2.1 CVSS · 6.7 AI score · 0.00262 EPSS
Exploits 0 · References 4 · Affected Software 1
CVE
added 2000/10/13 4:0 a.m. · 54 views

CVE-2000-0335

The CVE-2000-0335 issue affects the resolver in glibc 2.1.3, which uses predictable IDs. This design allows a local attacker to cause DNS query spoofing by manipulating IDs, undermining DNS query integrity. The vulnerability’s impact is described as the ability to spoof results, with a base CVSS...

7.5 CVSS · 6.6 AI score · 0.01131 EPSS
Exploits 0 · References 1 · Affected Software 2
Cvelist
added 2000/07/19 4:0 a.m. · 17 views

CVE-2000-0578

SGI MIPSPro compilers (C, C++, F77 and F90) generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user...

6.3 AI score · 0.00084 EPSS
Exploits 1 · References 2
CVE
added 2000/07/12 4:0 a.m. · 38 views

CVE-2000-0397

CVE-2000-0397 affects the EMURL web-based email account software. The vulnerability arises because session URLs encode predictable identifiers, enabling a remote attacker to access a user’s email account. The available documents do not specify affected product versions, root cause beyond predicta...

5 CVSS · 7 AI score · 0.03226 EPSS
Exploits 0 · References 2 · Affected Software 1
securityvulns
added 2000/06/23 12:0 a.m. · 32 views

Problems with libdes in NetBSD

If /dev/urandom is missing or not functioning, a predictable sequence is used when generating keys...

0.7 AI score
Exploits 0 · References 1
securityvulns
added 2000/06/05 12:0 a.m. · 25 views

Hole in man from HP-UX

Symbolic link problem: a temporary file with a predictable name is created...

0.4 AI score
Exploits 0 · References 1 · Affected Software 1