17 matches found
EUVD-2009-4378
Malware in sbrugna...
SUSE CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
SUSE CVE-2010-2071
The btrfsxattrsetacl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl...
Security Bulletin: IBM Spectrum Scale (GPFS) Hadoop connector is affected by a security vulnerability (CVE-2015-7430)
Summary A security vulnerability has been identified in the IBM Spectrum Scale GPFS Hadoop connector which could allow an unprivileged user the ability to read, write, modify, or delete any data in a GPFS file system CVE-2015-7430 Vulnerability Details CVEID: CVE-2015-7430 DESCRIPTION: IBM Genera...
openSUSE Security Update : qemu (openSUSE-2017-1072)
This update for qemu fixes the following issues : Security issues fixed : - CVE-2017-10664: Fix DOS vulnerability in qemu-nbd bsc1046636 - CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support bsc1047674 - CVE-2017-11334: Fix OOB access during DMA operation...
RHEL 5 : kernel (RHSA-2015:0164)
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
CVE-2010-2071
The btrfsxattrsetacl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl...
CVE-2010-2071
The btrfsxattrsetacl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl...
openSUSE Security Update : acl (acl-1803)
the setfacl tool followed symbolic links in recursive -R mode even if the --physical -P option was specified CVE-2009-4411. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update acl-1803. The text...
openSUSE Security Update : acl (acl-1803)
the setfacl tool followed symbolic links in recursive -R mode even if the --physical -P option was specified CVE-2009-4411. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update acl-1803. The text...
setfacl / getfacl symbolic links vulnerability
Symbolic links are followed on recursive operation...
CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
DEBIAN-CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
CVE-2009-4411
The 1 setfacl and 2 getfacl commands in XFS acl 2.2.47, when running in recursive -R mode, follow symbolic links even when the --physical aka -P or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack...
CVE-2009-4411
CVE-2009-4411 concerns the acl feature in XFS ACL 2.2.47. The setfacl and getfacl utilities, when run in recursive (-R) mode, follow symbolic links even if --physical (-P) or -L is specified. This could allow a local attacker to manipulate ACLs on arbitrary files or directories via a symlink atta...