26 matches found
CVE-2014-4622
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server...
Authorization
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server...
CVE-2014-4622
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server...
The Shellcoder's Handbook : 1st & 2nd Edition Download
Shellcoder's Programming Uncovered Kris Kaspersky ISBN-10: 193176946X Product Description How hackers, viruses, and worms attack computers from the Internet and exploit security holes in software is explained in this outline of antivirus software, patches, and firewalls that try in vain to...
PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, The recent vulnerability in Postfix discovered by Sebastian Krahmer is trivially exploitable when certain preconditions are met. Nevertheless, it's very difficult to find such conditions in a real-world scenario. I wrote this exploit for fun an...
PHP problem
This is not really an advisory, but a warning for sysadmins running webservers with PHP. I noticed that it was possible to rebuild the user database Unix even when safemode prevented from reading /etc/passwd and openbasedir prevented from accessing /etc. The implementation of getpwuid,nam functio...