Lucene search
K

101 matches found

Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.25 views

Ubuntu 4.10 : ntp vulnerability (USN-175-1)

Thomas Biege discovered a flaw in the privilege dropping of the NTP server. When ntpd was configured to drop root privileges, and the group to run under was specified as a name as opposed to a numeric group ID, ntpd changed to the wrong group. Depending on the actual group it changed to, this cou...

4.6CVSS5.5AI score0.00445EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/12/13 12:0 a.m.23 views

[SA17922] Mac OS X Perl "$<" Privilege Dropping Security Issue

TITLE: Mac OS X Perl "$" Privilege Dropping Security Issue SECUNIA ADVISORY ID: SA17922 VERIFY ADVISORY: http://secunia.com/advisories/17922/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: From remote OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION: Jason...

0.5AI score
Exploits0
Ubuntu
Ubuntu
added 2005/09/02 4:9 a.m.39 views

USN-175-1: ntp server vulnerability

Thomas Biege discovered a flaw in the privilege dropping of the NTP server. When ntpd was configured to drop root privileges, and the group to run under was specified as a name as opposed to a numeric group ID, ntpd changed to the wrong group. Depending on the actual group it changed to, this cou...

4.6CVSS5.4AI score0.00445EPSS
Exploits0
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.25 views

CVE-2005-0072

zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...

6AI score0.00477EPSS
Exploits1References8
Debian
Debian
added 2004/10/04 10:16 a.m.29 views

[SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise

-------------------------------------------------------------------------- Debian Security Advisory DSA 557-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2004 http://www.debian.org/security/faq -...

2.1CVSS0.3AI score0.00362EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.18 views

Debian DSA-050-1 : sendfile - broken privileges dropping, broken tempfile

Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

4.6CVSS5.9AI score0.00802EPSS
Exploits0References2
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.19 views

CVE-2002-1311

Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...

6.2AI score0.0034EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.21 views

GLSA-200401-02 : Honeyd remote detection vulnerability via a probe packet

The remote host is affected by the vulnerability described in GLSA-200401-02 Honeyd remote detection vulnerability via a probe packet A bug in handling NMAP fingerprints caused Honeyd to reply to TCP packets with both the SYN and RST flags set. Watching for replies, it is possible to detect IP...

5.5AI score
Exploits0References2
NVD
NVD
added 2004/02/03 5:0 a.m.13 views

CVE-2003-0949

xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands...

4.6CVSS6.8AI score0.00413EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2004/01/14 5:0 a.m.22 views

CVE-2003-0949

xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands...

4.6CVSS5.9AI score0.00413EPSS
Exploits0
exploitpack
exploitpack
added 2003/09/23 12:0 a.m.15 views

ProFTPd 1.2.71.2.8 - .ASCII File Transfer Buffer Overrun

ProFTPd 1.2.71.2.8 - .ASCII File Transfer Buffer Overrun // source: https://www.securityfocus.com/bid/8679/info A remotely exploitable buffer overrun vulnerability has been reported in ProFTPD. This issue could be triggered if an attacker uploads a malformed file and then that file is downloaded ...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/23 12:0 a.m.23 views

ProFTPd 1.2.7/1.2.8 - '.ASCII' File Transfer Buffer Overrun

// source: https://www.securityfocus.com/bid/8679/info A remotely exploitable buffer overrun vulnerability has been reported in ProFTPD. This issue could be triggered if an attacker uploads a malformed file and then that file is downloaded in ASCII mode. Successful exploitation will permit a...

7.4AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.13 views

CVE-2002-0469

Ecartis formerly Listar 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges...

7.2CVSS6.6AI score0.0046EPSS
Exploits1References4
securityvulns
securityvulns
added 2002/03/12 12:0 a.m.27 views

Ecartis/Listar multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: Ecartis / Listar Version: read the details Vendor: The Ecartis Project. http://www.ecartis.org/ Author: Janusz Niewiadomski [email protected], Wojciech Purczynski [email protected] Date: March 10, 2002 Issue: ====== Multiple buffer overflow...

0.7AI score
Exploits0
CVE
CVE
added 2001/07/27 4:0 a.m.48 views

CVE-2001-0623

CVE-2001-0623 affects the sendfiled component of SAFT on Linux, where privileges are not properly dropped when sending notification emails, enabling a local user to gain privileges (local privilege escalation). The issue is documented in Debian security advisories DSA-050-1 and DSA-052-1, which d...

4.6CVSS6.4AI score0.00802EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2001/04/23 10:14 a.m.26 views

[SECURITY] [DSA 052-1] New sendfile packages fix root exploit

---------------------------------------------------------------------------- Debian Security Advisory DSA 052-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23, 2001 - ---------------------------------------------------------------------------- Package : sendfile...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2001/04/20 12:0 a.m.65 views

[SECURITY] [DSA 050-1] New version sendfile fix local root exploit

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Debian Security Advisory DSA 050-1 [email protected] http://www.debian.org/security/ Martin Schulze April 20, 2001 -...

0.2AI score
Exploits0
Debian
Debian
added 2001/04/19 10:36 p.m.18 views

[SECURITY] [DSA 050-1] New version sendfile fix local root exploit

---------------------------------------------------------------------------- Debian Security Advisory DSA 050-1 [email protected] http://www.debian.org/security/ Martin Schulze April 20, 2001 - ---------------------------------------------------------------------------- Package : sendfile...

5.6AI score
Exploits0
Snyk
Snyk
added 2000/06/08 4:0 a.m.2 views

CVE-2000-0525

Overview OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon. Remediation There is no fixed version for openssh. References - Archives.neohapsis.com - Openbsd.org - Osvdb.o...

10CVSS7.5AI score0.02626EPSS
Exploits0References1
securityvulns
securityvulns
added 2000/05/30 12:0 a.m.40 views

Security Advisory 2000-003

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-003 ================================= Topic: Exploitable Vulnerability in Xlockmore Version: NetBSD pkgsrc prior to 11th May 2000. Severity: xlock can be manipulated to print the shadow password information Abstract ======== The...

1AI score
Exploits0
Rows per page
Query Builder