52 matches found
GIMPS: Root privilege escalation
Background: GIMPS, the Great Internet Mersenne Prime Search, is software capable of finding Mersenne primes, which are used in cryptography. GIMPS is also used for hardware testing. Description: It was discovered that Gentoo’s default GIMPS installation suffered from a privilege escalation...
Hardcoded credentials
The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed...
CVE-2017-14484
Summary: CVE-2017-14484 affects Gentoo’s sci-mathematics/gimps prior to 28.10-r1, enabling a local user to escalate privileges by creating a hard link under /var/lib/gimps due to an unsafe chown -R in the init/checkconfig path. The vulnerability is documented in multiple sources (NVD description ...
SIMM-Comm SCI Photo Chat 3.4.9 Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27872/info SCI Photo Chat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to access sensitive information tha...
Directory traversal
Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command...
CVE-2008-1169
The connected documents confirm a directory traversal vulnerability in the embedded HTTP server of SCI Photo Chat Server 3.4.9 and earlier. The flaw allows remote attackers to read arbitrary files by supplying ".." or "../" in the GET command. Affected component: embedded HTTP server within SCI P...
SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal
SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal source: https://www.securityfocus.com/bid/27872/info SCI Photo Chat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to access...
SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal
source: https://www.securityfocus.com/bid/27872/info SCI Photo Chat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks. Th...
CVE-2004-0673
Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message...
CVE-2004-0673
CVE-2004-0673 affects SCI Photo Chat Server 3.4.9 with a cross-site scripting (XSS) vulnerability that lets remote attackers trigger arbitrary script execution in other users by echoing an invalid request in the error message. The cited sources describe the issue but do not provide any concrete e...
[Full-Disclosure] XSS in SCI Photo Chat Server 3.4.9
Donato Ferrante. Application: SCI Photo Chat Server (http://www.simmcomm.ch/); Version: 3.4.9; Bug: cross site scripting; Date: 02-Jul-2004; Author: Donato Ferrante; e-mail: [email protected]; web: www.autistici.org/fdonato. 1...