5042 matches found
TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities RELEASE DATE: August 21st, 2006 VENDOR: Alt-N Technologies http://www.altn.com VULNERABLE: Tested on Alt-N WebAdmin v3.2.3/3.2.4 running with MDaemon v9.0.5, earlier versions are suspected vulnerable a...
MySQL 4/5 - SUID Routine Miscalculation Arbitrary DML Statement Execution
source: https://www.securityfocus.com/bid/19559/info MySQL is prone to these vulnerabilities: - A privilege-elevation vulnerability. A user with privileges to execute SUID routines may gain elevated privileges by executing certain commands and code with higher privileges. - A security-bypass...
HP-UX PHSS_32966 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
s700800 11.11 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
HP-UX PHSS_32965 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
s700800 11.00 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
HP-UX PHSS_32960 : HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation (HPSBUX02137 SSRT051024 rev.1)
s700800 11.23 Xserver cumulative patch : A potential security vulnerability has been identified in the Xserver running on HP-UX. The vulnerability could be exploited by a local user to execute arbitrary code with the privileges of the Xserver. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Mandrake Linux Security Advisory : arts (MDKSA-2006:107)
A vulnerability in the artswrapper program, when installed setuid root, could enable a local user to elevate their privileges to that of root. By default, Mandriva Linux does not ship artswrapper setuid root, however if a user or system administrator enables the setuid bit on artswrapper, their...
Kaspersky Antivirus multiple vulnerabilities
Unsafe kernel mode components implementation leads to Denial of Service and potentially to privilege elevation. Most serious problem is user mode code can access kernel memory...
The Weakness of Windows Impersonation Model
The Weakness of Windows Impersonation Model http://www.gentlesecurity.com/04302006.html Summary 1. Network Service account’s context is elevated to LocalSystem. 2. A context of MS SQL service running as unique user account is elevated up to LocalSystem. 3. Any service’s context could be elevated ...
Re: The Weakness of Windows Impersonation Model
Hi Brian, I wrote a paper on this subject last year, "Snagging Security Tokens to Elevate Privileges" http://www.databasesecurity.com/dbsec-briefs.htm after Tim Mullen and thrashed out a few details at Blackhat last year over a few White Russians. The paper discusses the problem in the context of...
SunnComm MediaMax privilege elevation vulnerability
Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...
[NT] ShellAbout() API Elevation of Privilege (MS06-009)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Ubuntu 5.04 : mozilla-firefox vulnerabilities (USN-134-1)
It was discovered that a malicious website could inject arbitrary scripts into a target site by loading it into a frame and navigating back to a previous JavaScript URL that contained an eval call. This could be used to steal cookies or other confidential data from the target site. If the target...
See me for the privilege with a vulnerability to enhance computer control-vulnerability warning-the black bar safety net
Allegedly Windows COM structure there is a security problem, the local orremote attackcan use this vulnerability to elevate privileges or execute arbitrary instructions. AffectedOSand procedures when processing COM structured storage file, the access to the shared memory exists in the way that...
MS05-055: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523)
The remote host contains a version of the Windows kernel that may allow a local user to elevate his privileges or to crash it therefore causing a denial of service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid20298; scriptversion"1.32"; scriptcvsdate"Date:...
CVE-2005-3580
QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...
On WEBSHELL to elevate privileges to the point of experience-vulnerability warning-the black bar safety net
| --- | Many newcomers in the use of servu elevation of Privilege will encounter many problems, such as the default local administrator Password changed, ws, etc. the cmd is disabled, or the site root directory there is no permission to run! Many Novices will be sent to the discard, Oh, actually...
ms05002 exploit the program and its test results-vulnerability warning-the black bar safety net
Article author: invincible most lonelyE. S. T Information source: evil octal China Vulnerability details can go to the following address to download: Get the code,read the code. The original code is the use of the local bonding of the shellcode. Practical too poor,and because of this vulnerabilit...
WM_TIMER Message Handler Privilege Elevation (Q328310)
A security issue has been identified in WMTIMER that could allow an attacker to compromise a computer running Microsoft Windows and gain complete control over it. Recommendation: Users using any of the affected products should install the patch immediately. Maximum Severity Rating: Critical...
Windows Network Manager Privilege Elevation (Q326886)
A flaw in the Windows 2000 Network Connection Manager could enable privilege elevation. SPDX-FileCopyrightText: 2002 SECNAP Network Security, LLC Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Internet Information Services (IIS) Multiple Vulnerabilities (Q327696, MS02-062)
Microsoft Internet Information Services IIS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...