303 matches found
SUSE SLES12 Security Update : glibc (SUSE-SU-2018:0071-1)
This update for glibc fixes the following issues : - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
SUSE SLES12 Security Update : glibc (SUSE-SU-2018:0076-1)
This update for glibc fixes the following issues : - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A buffer manipulation vulnerability in nscd has been fixed that could possibly have lead to an nscd daemon crash or code execution as the user...
CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...
UBUNTU-CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...
codeigniter -- multiple vulnerabilities
The CodeIgniter changelog reports: Fixed an SQL injection in the ‘odbc’ database driver. Updated setrealpath Path Helper function to filter-out php:// wrapper inputs...
CVE-2004-1064
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute...
CVE-2007-3007
PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...
Python-2.4.2-realpath()
Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...
wu-ftpd 2.6.2, 2.6.0, 2.6.1 realpath() Off-By-One Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...
PHP 3/4/5 Multiple Local And Remote Vulnerabilities (1)
No description provided by source. source: http://www.securityfocus.com/bid/11964/info PHP4 and PHP5 are reported prone to multiple local and remote vulnerabilities that may lead to code execution within the context of the vulnerable process. The following specific issues are reported: A heap-bas...
wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/113/info There is a vulnerability in ProFTPD versions 1.2.0pre1 and earlier and in wu-ftpd 2.4.2 beta 18 VR9 and earlier. This vulnerability is a buffer overflow triggered by unusually long path names directory structures...
freeBSD 4.8 realpath() Off-By-One Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...
wu-ftpd 2.6.2 realpath() Off-By-One Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...
wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/113/info There is a vulnerability in ProFTPD versions 1.2.0pre1 and earlier and in wu-ftpd 2.4.2 beta 18 VR9 and earlier. This vulnerability is a buffer overflow triggered by unusually long path names directory structures...
PHP realpath 函数信息泄露漏洞
No description provided by source...
PT-2009-1126 · Vmware +3 · Open-Vm-Tools +3
Name of the Vulnerable Software and Affected Versions: open-vm-tools version 2009.03.18-154848 Description: The issue is related to the mount.vmhgfs component of the open-vm-tools package, which incorrectly handles symbolic links before accessing a file. This can allow an attacker to access...
freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
The host is running freeSSHd SSH server and is prone to remote denial of service vulnerability. NULL pointer de-referencing errors in SFTP 'rename' and 'realpath' commands. These can be exploited by passing overly long string passed as an argument to the affected commands. OpenVAS Vulnerability...
freeSSHd SFTP 'rename' and 'realpath' < 1.2.6 Remote DoS Vulnerability
freeSSHd SSH server is prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stack overflow
Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service service crash and potentially execute arbitrary code via a long argument to the 1 rename and 2 realpath parameters...
freeSSHd 1.2.1 sftp realpath Remote Buffer Overflow PoC (auth)
No description provided by source. !/usr/bin/perl Jeremy Brown [email protected]/jbrownsec.blogspot.com FreeSSH 1.2.1 Crash 2 -- A Product of Fuzzing. Stay Tuned For More. use Net::SSH2; $host = "192.168.0.100"; $port = 22; $username = "test"; $password = "test"; $dos = "A" x 262145; $ssh2 =...