Lucene search
K

2219 matches found

NVD
NVD
added 2003/12/31 5:0 a.m.10 views

CVE-2003-1460

Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information...

3.6CVSS6.2AI score0.00285EPSS
Exploits0References2
NVD
NVD
added 2003/06/30 4:0 a.m.14 views

CVE-2003-0414

The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile...

7.2CVSS6.7AI score0.00377EPSS
Exploits0References7
Cvelist
Cvelist
added 2003/06/11 4:0 a.m.17 views

CVE-2003-0414

The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile...

6.7AI score0.00377EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2003/04/25 12:0 a.m.25 views

Alt-N WebAdmin 2.0.x - Remote File Viewing

source: https://www.securityfocus.com/bid/7438/info Alt-N WebAdmin allows a remote user to access files that they should not be able to access. The remote user can submit an HTTP request that will return the contents of any webserver-readable file on the system. NOTE: The user must have...

7.4AI score
Exploits0
NVD
NVD
added 2003/04/22 4:0 a.m.18 views

CVE-2002-1470

SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable scserv.log file...

2.1CVSS6.3AI score0.00477EPSS
Exploits1References3
OSV
OSV
added 2003/04/22 4:0 a.m.3 views

DEBIAN-CVE-2002-1479

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...

4.6CVSS6.9AI score0.00467EPSS
Exploits1References1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.18 views

CVE-2002-0377

Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files...

6.1AI score0.00363EPSS
Exploits0References5
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.17 views

CVE-2002-0120

Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information...

5.7AI score0.00341EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2003/02/09 12:0 a.m.27 views

Cedric Email Reader 0.2/0.3 - Skin Configuration Script Remote File Inclusion

source: https://www.securityfocus.com/bid/6818/info It has been reported that Cedric Email Reader is prone to an issue that may allow remote attackers to include malicious files located on remote servers. This issue is present in the 'email.php' script. Under some circumstances, it is possible fo...

7.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.11 views

CVE-2002-1892

NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information...

2.1CVSS6.3AI score0.00627EPSS
Exploits0References4
NVD
NVD
added 2002/12/31 5:0 a.m.20 views

CVE-2002-1711

BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments...

2.1CVSS7.3AI score0.00349EPSS
Exploits0References4
NVD
NVD
added 2002/12/31 5:0 a.m.13 views

CVE-2002-1970

SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers...

2.1CVSS6.2AI score0.00377EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.6 views

PT-2002-2435 · Mandrake · Mandrake

Name of the Vulnerable Software and Affected Versions: Mandrake versions 8.2 Description: The Standard security setting for the Mandrake-Security package installs home directories with world-readable permissions. This could allow local users to read other users' files. Recommendations: For Mandra...

5.5CVSS5.4AI score0.00375EPSS
Exploits0References5
NVD
NVD
added 2002/12/23 5:0 a.m.25 views

CVE-2002-1380

Linux kernel 2.2.x allows local users to cause a denial of service crash by using the mmap function with a PROTREAD parameter to access non-readable memory pages through the /proc/pid/mem interface...

2.1CVSS5.9AI score0.00873EPSS
Exploits1References7
securityvulns
securityvulns
added 2002/11/23 12:0 a.m.32 views

QNX Photon Weak Permissions

Clipboard content is stored in world readable file...

1.3AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2002/08/10 4:0 a.m.13 views

CVE-2002-0849

Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta 1, which could allow local users to gain privileges by reading the cleartext CHAP password...

6.6AI score0.00375EPSS
Exploits0References4
CERT
CERT
added 2002/08/05 12:0 a.m.21 views

Mac OS X Finder creates world-readable ".FBCIndex" file thereby disclosing sensitive information

Overview Mac OS X's Find-By-Content indexing may store file data where it can be served to remote users by Apache. Description The Find-By-Content feature of Mac OS X generates indexing data from the contents of files in each directory. It then stores the indexing data for each directory in a...

6.3AI score
Exploits0References2
NVD
NVD
added 2002/07/03 4:0 a.m.16 views

CVE-2002-0565

Oracle 9iAS 1.0.2.x compiles JSP files in the pages directory with world-readable permissions under the web root, which allows remote attackers to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to pages...

5CVSS5.9AI score0.05651EPSS
Exploits0References6
CVE
CVE
added 2002/06/25 4:0 a.m.50 views

CVE-2001-1175

CVE-2001-1175 : In vipw from the util-linux package, before version 2.10, editing /etc/shadow could leave the file world-readable in some cases, enabling local users to more easily perform brute-force password guessing. Supported details in connected docs show Red Hat advisories (RHSA-2001:95, 13...

7.2CVSS6.9AI score0.00425EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.22 views

CVE-2001-1175

vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing...

6.5AI score0.00425EPSS
Exploits0References4
Rows per page
Query Builder