1564 matches found
CVE-2012-6646
F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors...
CVE-2005-2944
The performfilesave function in GNOME Workstation Command Center gwcc 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwccout.txt temporary file...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATHINFO to the CMDDB script during a backup action...
CVE-2004-0481
The logging feature in kcmsconfigure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCSClogFile file...
CVE-2002-2126
restrictEnabled in Integrity Protection Driver IPD 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time...
CVE-2002-2188
OpenBSD before 3.2 allows local users to cause a denial of service kernel crash via a call to getrlimit2 with invalid arguments, possibly due to an integer signedness error...
CVE-2002-2180
The setitimer2 system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error...
CVE-2002-2059
BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key...
CVE-2002-2327
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties...
CVE-2009-2596
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv121, when extended file attributes are used, allows local users to cause a denial of service panic via vectors related to fadaupath structure members...
CVE-2003-0679
Unknown vulnerability in the libcpr library for the Checkpoint/Restart cpr system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files...
CVE-2005-4788
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."...
CVE-2002-2050
Directory traversal vulnerability in processorweb plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. dot dot in the hostname of a log entry...
CVE-2002-1838
Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink attack on temporary files...
CVE-2002-1687
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable...
CVE-2009-3706
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv100 through snv117, allows local users to bypass intended limitations of the filechownself privilege via certain uses of the chown system call...
CVE-2008-5135
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/mounted-map or 2 /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-roo...
CVE-2007-5159
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions setuid root to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor...
CVE-1999-1589
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors...
CVE-1999-0388
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...