Lucene search
K

1907 matches found

UbuntuCve
UbuntuCve
added 2007/06/04 4:30 p.m.23 views

CVE-2007-2452

Heap-based buffer overflow in the visitoldformat function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036...

6CVSS6.5AI score0.02225EPSS
Exploits0References1
Debian
Debian
added 2007/05/15 5:34 p.m.43 views

[SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1291-1 [email protected] http://www.debian.org/security/ Noah Meyerhans May 15, 2007 - ------------------------------------------------------------------------ Package : samba Vulnerability :...

10CVSS7AI score0.77806EPSS
Exploits39
OSV
OSV
added 2007/05/14 9:19 p.m.10 views

CVE-2007-2444

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user...

7.2CVSS6.5AI score0.00783EPSS
Exploits0References37
Samba
Samba
added 2007/05/14 12:0 a.m.75 views

Local SID/Name translation bug can result

Description When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user. The user is then able to temporarily issue SMB/CIFS protocol...

7.2CVSS8.3AI score0.00783EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/03/19 12:0 a.m.23 views

GLSA-200703-20 : LSAT: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200703-20 LSAT: Insecure temporary file creation LSAT insecurely writes in /tmp with a predictable filename. Impact : A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewher...

4.3CVSS5.6AI score0.00324EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2007/03/18 12:0 a.m.39 views

LSAT: Insecure temporary file creation

Background The Linux Security Auditing Tool LSAT is a post install security auditor which checks many system configurations and local network settings on the system for common security or configuration errors and for packages that are not needed. Description LSAT insecurely writes in /tmp with a...

4.3CVSS6.1AI score0.00324EPSS
Exploits0
seebug.org
seebug.org
added 2007/03/05 12:0 a.m.15 views

Zend Platform不安全文件访问权限漏洞

Zend Platform是企业级PHP应用的运行时平台环境。 Zend Platform的文件安装存在权限配置错误,本地攻击者可能利用此漏洞获取权限提升。 Zend Platform所安装的一些二进制程序和SHELL脚本没有设置安全的文件访问权限,导致Web服务器用户或安装Zend Platform的用户帐号错误地拥有了某些文件。如果入侵了Web服务器或安装Zend Platform的用户帐号的话,攻击者就可以通过替换或编辑文件获得权限提升,在下一次服务器重启时以root用户权限执行文件。 Zend Platform = 2.2.3 ----...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.19 views

MDKA-2007:005 : nmap

The version of nmap shipped with Mandriva Linux 2007 was built against the system copies of the libpcap and libdnet libraries. However, nmap actually requires changes to be made to these libraries which have not yet been made to the upstream versions, and consequently should be compiled against i...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/02/15 12:0 a.m.31 views

GLSA-200702-02 : ProFTPD: Local privilege escalation

The remote host is affected by the vulnerability described in GLSA-200702-02 ProFTPD: Local privilege escalation A flaw exists in the modctrls module of ProFTPD, normally used to allow FTP server administrators to configure the daemon at runtime. Impact : An FTP server administrator permitted to...

6.6CVSS5.9AI score0.02315EPSS
Exploits1References2
seebug.org
seebug.org
added 2007/02/07 12:0 a.m.15 views

linux/x86 add root user r00t with no password to /etc/passwd 69 bytes

No description provided by source. / By Kris Katterjohn 11/14/2006 69 byte shellcode to add root user 'r00t' with no password to /etc/passwd for Linux/x86 section .text global start start: ; open"/etc//passwd", OWRONLY | OAPPEND push byte 5 pop eax xor ecx, ecx push ecx push 0x64777373 push...

7.1AI score
Exploits0
myhack58
myhack58
added 2007/01/03 12:0 a.m.39 views

The reproduction of social engineering-vulnerability warning-the black bar safety net

Article author: withered Ling roseN. C. P. H Information source: evil octal information security teamwww.eviloctal.com to This is my osmosis in the process of a real experience,I would have thought after two days of time to get to the master server,the Master Station program on the Master Station...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2006/12/19 12:0 a.m.14 views

Chetcpasswd本地权限提升漏洞

Chetcpasswd是一个允许用户通过Web更改自己Squid及Web访问口令的工具。 Chetcpasswd在处理参数时存在漏洞,本地攻击者可能利用此漏洞提升自己权限。 如果配置为使用postchange和alertemail的话,或在更改口令后将新的passwd文件拷贝到旧的passwd文件,chetcpasswd就可能不安全地执行外部程序,允许本地攻击者获得root用户权限。但要利用这个漏洞要求攻击者在服务器上拥有有效的shell帐号且知道允许使用chetcpasswd的IP地址。 CHETCPASSWD CHETCPASSWD 2.4.1...

7.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/12/14 12:0 a.m.43 views

GNU Radius: Format string vulnerability

Background GNU Radius is a GNU version of Radius, a server for remote user authentication and accounting. Description A format string vulnerability was found in the sqllog function from the SQL accounting code for radiusd. That function is only used if one or more of the "postgresql", "mysql" or...

10CVSS7.9AI score0.04997EPSS
Exploits0
securityvulns
securityvulns
added 2006/12/14 12:0 a.m.45 views

iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so Directory Traversal Vulnerability

Sun Microsystems Solaris ld.so Directory Traversal Vulnerability iDefense Security Advisory 12.12.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 12, 2006 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2006/12/14 12:0 a.m.39 views

iDefense Security Advisory 12.12.06: Sun Microsystems Solaris ld.so 'doprf()' Buffer Overflow Vulnerability

Sun Microsystems Solaris ld.so 'doprf' Buffer Overflow Vulnerability iDefense Security Advisory 12.12.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 12, 2006 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at...

7.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/12/14 12:0 a.m.31 views

GLSA-200612-12 : F-PROT Antivirus: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200612-12 F-PROT Antivirus: Multiple vulnerabilities F-Prot Antivirus version 4.6.7 fixes a heap-based buffer overflow, an infinite loop, and other unspecified vulnerabilities. Impact : Among other weaker impacts, a remote attacke...

7.5CVSS6.3AI score0.15964EPSS
Exploits2References4
Exploit DB
Exploit DB
added 2006/11/17 12:0 a.m.34 views

linux/x86 - add root user r00t with no password to /etc/passwd 69 bytes

linux/x86 add root user r00t with no password to /etc/passwd 69 bytes. Shellcode exploit for linx86 platform / By Kris Katterjohn 11/14/2006 69 byte shellcode to add root user 'r00t' with no password to /etc/passwd for Linux/x86 section .text global start start: ; open"/etc//passwd", OWRONLY |...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.18 views

IBM AIX cfgmgr工具本地权限提升及任意文件覆盖漏洞

IBM AIX是一款商业性质的UNIX操作系统。 AIX的cfgmgr工具的实现上存在缓冲区漏洞,本地攻击者可能利用此漏洞提升权限或导致文件覆盖。 如果system组的用户提交了大于长度2K的目录路径字符串做为参数的话,就会触发这个漏洞,导致覆盖任意系统文件或以root用户权限执行任意指令。 IBM AIX 5.3 IBM AIX 5.2 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: ftp://aix.software.ibm.com/aix/efixes/security/cfgmgrifix.tar.Z...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.12 views

IBM AIX rdist工具本地任意文件覆盖漏洞

IBM AIX是一款商业性质的UNIX操作系统。 AIX的/usr/bin/rdist工具实现上存在漏洞,本地攻击者可能利用此漏洞覆盖任意文件并以root用户权限执行任意指令。 IBM AIX 5.3 IBM AIX 5.2 临时解决方法: 删除setuid root位: chmod 555 /usr/bin/rdist 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: ftp://aix.software.ibm.com/aix/efixes/security/rdistifix.tar.Z...

6.9AI score
Exploits0
Cent OS
Cent OS
added 2006/09/12 7:3 p.m.66 views

wireshark security update

CentOS Errata and Security Advisory CESA-2006:0658 New Wireshark packages that fix various security vulnerabilities are now available. Wireshark was previously known as Ethereal. This update has been rated as having low security impact by the Red Hat Security Response Team. Wireshark is a program...

5.4CVSS5.7AI score0.04132EPSS
Exploits0References9
Rows per page
Query Builder