12 matches found
EUVD-2001-0067
Malware in sbrugna...
EUVD-2013-6986
Malware in sbrugna...
CVE-2023-38037
ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current umask settings, meaning that it's possible for other users on the same system to read the contents of the temporary file. Attackers that ha...
Possible File Disclosure of Locally Encrypted Files
There is a possible file disclosure of locally encrypted files in Active Support. This vulnerability has been assigned the CVE identifier CVE-2023-38037. Versions Affected: = 5.2.0 Not affected: 5.2.0 Fixed Versions: 7.0.7.1, 6.1.7.5 Impact ActiveSupport::EncryptedFile writes contents that will b...
Linux: Default user umask
User Mask or User file creation MASK, umask is the default permission for a new file or directory created by a user. Secure default permission prevents other users from accessing private data. This script test for umask parameter set in files SPDX-FileCopyrightText: 2019 Greenbone AG Some text...
CVE-2013-7203
gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup...
CVE-2013-7203
The CVE-2013-7203 entry concerns gitolite prior to commit fa06a34, where local users could read arbitrary files in repositories due to vectors related to the user umask during gitolite setup. Connected records (NVD and OSV/Ubuntu/Debian feeds) confirm the same description across multiple sources....
CVE-2013-7203
gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup...
CVE-2001-0067
The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set...
CVE-2001-0067
The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set...
CVE-2000-0579
IRIX crontab is affected: it creates temporary files with predictable names and the user’s umask, enabling local users to modify another user’s crontab while it is being edited. The CVSS data indicates local access with partial confidentiality/integrity/availability impact. No remediation details...
BMC Software Patrol 3.2.5 - Patrol SNMP Agent File CreationPermission
BMC Software Patrol 3.2.5 - Patrol SNMP Agent File CreationPermission source: https://www.securityfocus.com/bid/525/info Patrol 3.2, installed out of the box, allows for a local root compromise or denial of service. The vulnerability lies in the creation of a file by snmpagnt that is owned by the...