WeFi information leak

Log files are stored in world-readable folder...

bind: /etc/rndc.key has 644 permissions by default

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...

Debian Security Advisory DSA 1062-1 (kphone)

The remote host is missing an update to kphone announced via advisory DSA 1062-1. Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords. The the old stable distribution woody doesn...

Debian: Security Advisory (DSA-787-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1022-1 (storebackup)

The remote host is missing an update to storebackup announced via advisory DSA 1022-1. Several vulnerabilities have been discovered in the backup utility storebackup. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3146 Storebackup creates a temporary...

Debian Security Advisory DSA 787-1 (backup manager)

The remote host is missing an update to backup manager announced via advisory DSA 787-1. Two bugs have been found in backup-manager, a command-line driven backup utility. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1855 Jeroen Vermeulen discovered...

Debian Security Advisory DSA 659-1 (libpam-radius-auth)

The remote host is missing an update to libpam-radius-auth announced via advisory DSA 659-1. OpenVAS Vulnerability Test $Id: deb6591.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 659-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 015-1 (sash)

The remote host is missing an update to sash announced via advisory DSA 015-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-555-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-0217

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script...

Code injection

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script...

CVE-2008-0217

FreeBSD CVE-2008-0217 describes two pty handling flaws in openpty/ptsname that allow a non‑root user to snoop or hijack a tty: when openpty is called by openpty, the new pty is world‑readable/writable; ptsname returns potentially invalid device names used by pt_chown to transfer ownership. Affect...

Input validation

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...

CVE-2007-6283

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...

CVE-2007-6283

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...

CVE-2007-6283

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...

CVE-2007-6283

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...

CVE-2002-2301

Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database...

clipboard bug.txt

The clipboard in QNX is world readable and writable. Although the folder containing the file is not readable for normal users the filename convention is predictable, see "clipboard bug.jpg" bash-2.05a$ ls -l /var/clipboard/muh/00000000/TTSHEOAA552983 -rw-rw-rw- 1 root root 78 Jan 04 16:27...

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access Advisory ID: cisco-sa-20070103-CleanAccess http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml Revision 1.0 For Public Release 2007 January 03 1600 UTC GMT -...