3063 matches found
Through the Zend directory permissions are not strict get execute permissions-bug warning-the black bar safety net
On the server a lot have installed Zend Even if C:\Program Files\ set permissions, install Zend, Zend will auto-configure directory permissions C:\Program Files\Zend\ZendOptimizer-3.3.0\ under the directory permissions for the Everyone full,which leads to the intruder can be written into the file...
CentOS Update for nfs-utils CESA-2009:1321 centos5 i386
Check for the Version of nfs-utils OpenVAS Vulnerability Test CentOS Update for nfs-utils CESA-2009:1321 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
libvirt security, bug fix, and enhancement update
0.8.2-22.0.1.el5 - Replaced docs/et.png in tarball libvirt-0.8.2-22.el5 - Fix auditing of disk hotunplug operations rhbz710151 libvirt-0.8.2-21.el5 - remote: Protect against integer overflow rhbz717207 0.8.2-20.el5 - Support enabling or disabling the HPET for Xen domains rhbz703193 - SMBIOS suppo...
openSUSE Security Update : gdm (openSUSE-SU-2010:0969-1)
dbus-glib allowed local users to write properties that were exported read-only via dbus CVE-2010-1172. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gdm-3108. The text description of this...
openSUSE Security Update : libvirt (openSUSE-SU-2011:0311-1)
several API calls did not honor the read-only flag connections. Attackers could exploit that to modify the state of the system or potentially execute code CVE-2011-1146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
openSUSE Security Update : dbus-1-glib (openSUSE-SU-2011:0300-1)
dbus-glib allowed local users to write properties that were exported read-only via dbus CVE-2010-1172. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dbus-1-glib-4237. The text description of...
SQL-Ledger 2.8.33 - (Authenticated) Local File Inclusion Edit
SQL-Ledger 2.8.33 - Authenticated Local File Inclusion Edit Exploit Title: SQL-Ledger = 2.8.33 Post-authentication Local File Include/Edit Vulnerability Google Dork: inurl:/sql-ledger/login.pl Date: April 15, 2011 Author: bitform Software Link:...
Fedora 14 : libvirt-0.8.3-9.fc14 (2011-4896)
Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe Fix specfil to create /var/lib/libvirt with proper permissions. fix a lack of API check on read-only connections this build fix one crash in the the error handling fix a lack of API check on read-only connections Note that...
RHEL 5 / 6 : libvirt (RHSA-2011:0391)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0391 advisory. - libvirt: several API calls do not honour read-only connection CVE-2011-1146 Note that Nessus has not tested for this issue but has instead reli...
libvirt: several API calls do not honour read-only connection
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...
DEBIAN-CVE-2011-1146
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...
Mandriva Update for tomcat5 MDVSA-2011:030 (tomcat5)
Check for the Version of tomcat5 OpenVAS Vulnerability Test Mandriva Update for tomcat5 MDVSA-2011:030 tomcat5 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
SuSE 11 Security Update : NetworkManager (SAT Patch Number 3094)
dbus-glib allowed local users to write properties that were exported read-only via dbus. CVE-2010-1172 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell,...
Prevx 3.0.5.206 ACCESS DENIED Exploit
Exploit for windows platform in category local exploits ===================================== Prevx 3.0.5.206 ACCESS DENIED Exploit ===================================== Author : STRELiTZIA Software : Prevx 3.0.5.206 and old Tested on : Windows All ============================ = Description =...
Fedora 13 : DeviceKit-power-0.9.0-2.fc13 / dbus-glib-0.86-4.fc13 (2010-12863)
It was discovered that dbus-glib did not enforce the 'access' flag on exported GObject properties. If such a property were read/write internally but specified as read-only externally, a malicious, local user could use this flaw to modify that property of an application. Such a change could impact...
FreeBSD privilege escalation
Under some conditions it's possible to bypass read-onyy flag for mbuf pages...
Oracle Database Server Crafted View Privilege Escalation (CVE-2006-1705)
A privilege escalation vulnerability exists in the Oracle Database Server product. The vulnerability is caused by a design error in the processing of Join Views. An attacker with limited privileges may exploit this vulnerability to gain escalated privileges. Leveraging the vulnerability allows an...
Ewebeditor database is read-only intrusion-vulnerability warning-the black bar safety net
Ewebeditor is a very common website, the core of the program, Feature: the default data-/db/ewebeditor. mdb is the default path adminlogin. asp the default administrator: admin password: adminadmin888 Version of ewebedit into the background for added style. Get the webshell is very easy. Sometime...
kernel: ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
The ext4decodeerror function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service NULL pointer dereference, and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal...
SuSE 10 Security Update : libvirt (ZYPP Patch Number 5869)
libvirt misses some read-only connection checks for certain methods. This flaw enables local unprivileged users for example to migrate virtual machines without authentication. CVE-2008-5086 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...