Lucene search
K

2539 matches found

Gentoo Linux
Gentoo Linux
added 2004/07/12 12:0 a.m.31 views

rsync: Directory traversal in rsync daemon

Background rsync is a utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo's Portage tree. rsyncd is the rsync daemon, which listens to connections from rsync clients. Description When rsyncd is used...

5CVSS6.3AI score0.03404EPSS
Exploits0
OSV
OSV
added 2004/07/07 4:0 a.m.9 views

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

6.4AI score
Exploits0References25
RedHat Linux
RedHat Linux
added 2004/05/19 7:3 p.m.4 views

security flaw

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

5CVSS5.9AI score0.03404EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2004/05/19 7:3 p.m.31 views

Important: Red Hat Security Advisory: rsync security update

An updated rsync package that fixes a directory traversal security flaw is now available. Rsync is a program for synchronizing files over a network. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot. This could allow a remote attacker to wri...

5CVSS5.8AI score0.03404EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2004/04/30 4:0 a.m.23 views

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

5CVSS6.4AI score0.03404EPSS
Exploits0
securityvulns
securityvulns
added 2003/06/21 12:0 a.m.41 views

Portmon file arbitrary read/write access vulnerability

Package: Portmon Auth: http://www.aboleo.net/ Versions: 1.7 prior ? Vulnerability: File arbitrary read/write access vulnerability Portmon is a network service monitoring daemon http://www.aboleo.net/software/portmon/. "In order to use ping support, Portmon must run as root or be installed setuid...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2003/03/28 12:0 a.m.59 views

SNMP security issues in D-Link DSL Broadband Modem/Router

Arhont Ltd - Information Security Company Arhont Advisory by: Andrei Mikhailovsky www.arhont.com Advisory: D-Link DSL Broadband Modem/Router Router Model Name: D-Link DSL-500 Model Specific: Other models might be vulnerable as well Manufacturer site: http://www.dlink.com Manufacturer contact UK:...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2002/11/14 12:0 a.m.28 views

Default SNMP community in Surecom Broadband Router

Arhont Ltd. - Information Security Arhont Advisory by: Andrei Mikhailovsky www.arhont.com Advisory: Surecom Broadband Router Router Model Name: EP-4501 Model Specific: Other models might be vulnerable Manufacturer site: http://www.surecom.com.tw Manufacturer contact: [email protected] Contac...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2002/06/12 12:0 a.m.33 views

AlienForm2 CGI script: arbitrary file read/write

===================================================================== Vulnerable: AlienForm2 revision 1.5 Category: Perl/CGI coding errors Impact: Subject to file permissions, an attacker can read any file on the server, append arbitrary data to any existing file or write arbitrary data to new...

Exploits0
securityvulns
securityvulns
added 2002/01/23 12:0 a.m.49 views

Доступ к специальным устройствам в некоторых Web/FTP-серверах (special devices)

Возможно чтение/запись специальных устройств...

1.9AI score
Exploits0References8Affected Software13
Cvelist
Cvelist
added 2001/09/18 4:0 a.m.22 views

CVE-2001-0203

Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication...

6.7AI score0.02301EPSS
Exploits1References3
CERT
CERT
added 2001/05/01 12:0 a.m.14 views

Cisco IOS/CatOS exposes read-write SNMP community string via traversal of View-based Access Control MIB (VACM) using read-only community string

Overview There is a vulnerability that permits unauthorized access to several switch and router products manufactured by Cisco Systems. An attacker who gains access to an affected device can read and modify its configuration, creating a denial-of-service condition, an information leak, or both...

6.7AI score
Exploits0References7
CERT
CERT
added 2001/05/01 12:0 a.m.17 views

Cisco IOS/X12-X15 has default SNMP read/write string of "cable-docsis"

Overview There is a vulnerability that permits unauthorized access to several switch and router products manufactured by Cisco Systems. An attacker who gains access to an affected device can read and modify its configuration, creating a denial-of-service condition, an information leak, or both...

6.6AI score
Exploits0References1
NVD
NVD
added 2001/02/28 5:0 a.m.26 views

CVE-2004-1776

Cisco IOS 12.13 and 12.13T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification DOCSIS standard...

7.5CVSS6.6AI score0.03108EPSS
Exploits0References3
Cisco
Cisco
added 2001/02/27 9:0 a.m.16 views

Cisco IOS Software SNMP Read-Write ILMI Community String Vulnerability

...

2.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2000/02/18 12:0 a.m.35 views

aix-snmp.txt

Following on from Michael Zalewski's recent SNMP post, here's an issue i noted on two AIX systems. NOTE: This was seen on both AIX 4.3 and 4.2. It appears that on the above releases of AIX, the SNMP daemon is enabled by default and two community names are enabled with read/write privileges. The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.50 views

msie.5.0.hta.txt

Date: Tue, 8 Jun 1999 08:41:54 -0400 From: "Noller, Jesse" To: [email protected] Subject: IE 5.0 and HTAs Security hole Good day: I recently set up an NT box, with just the basic setup, no other modifications, other than SP5, and an installation of Internet Explorer 5.0. I was...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 1997/07/01 12:0 a.m.5 views

PT-1997-1073 · Nfs · Nfs

Name of the Vulnerable Software and Affected Versions: NFS affected versions not specified Description: The issue allows attackers to read and write any file on the system by specifying a false UID. Recommendations: At the moment, there is no information about a newer version that contains a fix...

10CVSS6.2AI score0.01957EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.7 views

Update rollup for the Single Instance Storage (SIS) component

None None...

5.3AI score
Exploits0
Rows per page
Query Builder