CVE-2010-1439

yum-rhn-plugin in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Enterprise Linux RHEL 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security...

Authentication flaw

yum-rhn-plugin in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Enterprise Linux RHEL 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security...

CVE-2010-2058

CVE-2010-2058 affects Prewikka 0.9.14 where setup.py writes prewikka.conf with world-readable permissions, allowing a local attacker to read the SQL database password. Multiple connected advisories (Gentoo GLSA 201101-07, OpenVAS entries) confirm the issue and identify the affected package as net...

CVE-2010-2058

setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password...

rhn-client-tools: authorized information disclosure

yum-rhn-plugin in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Enterprise Linux RHEL 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security...

Acritum Femitter Server 1.03 - Multiple Vulnerabilities

--= Tested on: XP sp 2 Acritum Femitter Server v1.03 is a HTTP and FTP Server for Windows. I came up with few vulnerabilities of this .. some vulns are already has been revelied but some are not so lets have a look HTTP Server ----------- In the Femitter Server Application HTTP tab there are few...

Acritum Femitter Server 1.03 - Multiple Vulnerabilities

Acritum Femitter Server 1.03 - Multiple Vulnerabilities --= Tested on: XP sp 2 Acritum Femitter Server v1.03 is a HTTP and FTP Server for Windows. I came up with few vulnerabilities of this .. some vulns are already has been revelied but some are not so lets have a look HTTP Server ----------- In...

nfs-statfs NSE Script

Retrieves disk space statistics and information from a remote NFS share. The output is intended to resemble the output of df. The script will provide pathconf information of the remote NFS if the version used is NFSv3. Script Arguments nfs-statfs.human If set to 1 or true, shows file sizes in a...

Ipswitch IMail multiple security vulnerabilities

Weak permissions for registry and installation folder. Passwords are stored in readable location with reversible encryption...

acpid weak file permission

Log file is created world readable...

NFS Shares World Readable

The remote NFS server is exporting one or more shares without restricting access based on hostname, IP, or IP range. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid42256; scriptversion"1.12"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/02/21";...

proc File Descriptors Directory Permissions bypass

Exploit for unknown platform in category local exploits ================================================== proc File Descriptors Directory Permissions bypass ================================================== Title: proc File Descriptors Directory Permissions bypass CVE-ID: OSVDB-ID: Author: Pave...

Low: Red Hat Security Advisory: gfs2-utils security and bug fix update

An updated gfs2-utils package that fixes multiple security issues and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The gfs2-utils package provides the user-space tools necessary to...

HyperVM File Permissions Local Vulnerability

HyperVM is a virtualization application that runs off a host node and can provide several Virtual Private Servers. There is a previously unreported vulnerability in HyperVM/Kloxo. It was originally documented in ISSUE 14 by an anonymous author: http://www.milw0rm.com/exploits/8880 It turns out th...

HyperVM weak permissions

Passwords and private keys are stored in world-readable file...

HyperVM - File Permissions Credential Disclosure

HyperVM is a virtualization application that runs off a host node and can provide several Virtual Private Servers. There is a previously unreported vulnerability in HyperVM/Kloxo. It was originally documented in ISSUE 14 by an anonymous author: http://www.milw0rm.com/exploits/8880 It turns out th...

HyperVM File Permissions Local Vulnerability

Exploit for multiple platform in category local exploits ============================================ HyperVM File Permissions Local Vulnerability ============================================ HyperVM is a virtualization application that runs off a host node and can provide several Virtual Private...

DEBIAN-CVE-2009-1296

The eCryptfs support utilities ecryptfs-utils 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root...

DEBIAN-CVE-2009-1631

The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files...

CVE-2009-1631

The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files...