61 matches found
Design/Logic Flaw
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
CVE-2008-2230
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory. Root cause: untrusted module loading path. Affected components: reportbug and rep...
CVE-2008-2230
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
CVE-2008-2230
Untrusted search path vulnerability in 1 reportbug 3.8 and 3.31, and 2 reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
Ubuntu 4.10 : reportbug information disclosure (USN-88-1)
Rolf Leggewie discovered two information disclosure bugs in reportbug. The per-user configuration file /.reportbugrc was created world-readable. If it contained email smarthost passwords, these were readable by any other user on the computer storing the home directory. reportbug usually includes...
CVE-2005-0625
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd...
CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...
CVE-2005-0625
CVE-2005-0625 affects reportbug 3.2, where settings from .reportbugrc are included in bug reports, exposing sensitive data such as smtpuser and smtppasswd. The underlying issue is the unintended leakage of stored mail credentials via bug reports. The impact is credential exposure; the available s...
CVE-2005-0624
CVE-2005-0624 affects reportbug before 2.62; .reportbugrc is created with world‑readable permissions, allowing local users to obtain email smarthost passwords. Impact: partial confidentiality; exploit requires local access. NVD metrics show LOW severity (AV:L, AC:L, AU:N). The provided documents ...
CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...
CVE-2005-0625
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd...
USN-88-1: reportbug information disclosure
Rolf Leggewie discovered two information disclosure bugs in reportbug. The per-user configuration file /.reportbugrc was created world-readable. If it contained email smarthost passwords, these were readable by any other user on the computer storing the home directory. reportbug usually includes...
CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...
CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...
DEBIAN-CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...
CVE-2005-0625
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd...
CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...
CVE-2005-0625
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd...
CVE-2005-0625
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd...
DEBIAN-CVE-2005-0625
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd...