CVE-2005-0787

Wine 20050211 and earlier creates temp files with world readable permissions and predictable file names, which allows local users to obtain sensitive information, such as passwords...

CVE-2005-0624

CVE-2005-0624 affects reportbug before 2.62; .reportbugrc is created with world‑readable permissions, allowing local users to obtain email smarthost passwords. Impact: partial confidentiality; exploit requires local access. NVD metrics show LOW severity (AV:L, AC:L, AU:N). The provided documents ...

CVE-2005-0624

reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...

CVE-2005-0624

reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...

DEBIAN-CVE-2005-0624

reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...

CVE-2005-0624

reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...

PeerFTP FTP Server weak encryption

User passwords are stored in the world readable file...

CVE-2005-0142

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such a...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

DEBIAN-CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

Opened attachments are temporarily saved world-readable — Mozilla

Mozilla software released after March 2004 saves some temporary files with world-readable permissions. In the browser this is primarily content fed to helper applications for example, PDF files, and in the mail clients it is attachments...

CVE-2005-0118

helvis 1.8h21 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users...

CVE-2005-0118

CVE-2005-0118 affects helvis 1.8h2_1 and earlier. The vulnerability arises because recovery files are stored in world-readable directories with world-readable permissions, allowing local users to read recovered files of other users. Multiple sources (NVD/CVE, FreeBSD VuXML and OpenVAS entries) co...

arkeia.txt

During the testing of arkeia a few security holes has been discovered. Vulnerable System: Arkeia 4.2.x, 5.2.x and 5.3.x Details: 1. Writable directory $ ls -ld /opt/arkeia/server/dbase/ drwxrwxrwx 10 root root 4096 gru 27 13:40 /opt/arkeia/server/dbase/ 2. Default the "root" account password is s...

Arkeia Possible remote root & information leakage

During the testing of arkeia a few security holes has been discovered. Vulnerable System: Arkeia 4.2.x, 5.2.x and 5.3.x Details: 1. Writable directory $ ls -ld /opt/arkeia/server/dbase/ drwxrwxrwx 10 root root 4096 gru 27 13:40 /opt/arkeia/server/dbase/ 2. Default the "root" account password is s...

CVE-2004-2303

MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files...

DEBIAN-CVE-2004-2303

MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files...

perl -- File::Path insecure file/directory permissions

Jeroen van Wolffelaar reports that the Perl module File::Path contains a race condition wherein traversed directories and files are temporarily made world-readable/writable...

Oracle clear text passwords (#NISR2122004D)

NGSSoftware Insight Security Research Advisory Name: Oracle 10g clear text passwords Systems Affected: Oracle 10g on all operating systems Severity: Medium Risk Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...

CVE-2004-0563

The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password...