17 matches found
EUVD-2005-1709
Malware in sbrugna...
Gentoo Webapp-Config 1.10 Insecure File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13780/info Gentoo webapp-config is prone to an insecure file creation vulnerability. This issue is due to a design error that causes the application to fail to verify the existence of a file before writing to it. An...
Gentoo Security Advisory GLSA 200506-13 (webapp-config)
The remote host is missing updates announced in advisory GLSA 200506-13. OpenVAS Vulnerability Test Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200501-12 (tikiwiki)
The remote host is missing updates announced in advisory GLSA 200501-12. OpenVAS Vulnerability Test Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200506-20 (cacti)
The remote host is missing updates announced in advisory GLSA 200506-20. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200506-13 (webapp-config)
The remote host is missing updates announced in advisory GLSA 200506-13. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Trac: Cross-site scripting vulnerability
Background Trac is a minimalistic web-based project management, wiki and bug tracking system including a Subversion interface. Description Christophe Truc discovered that Trac fails to properly sanitize input passed in the URL. Impact A remote attacker could exploit this to inject and execute...
Gallery: Cross-site scripting vulnerability
Background Gallery is a web application written in PHP which is used to organize and publish photo albums. It allows multiple users to build and maintain their own albums. It also supports the mirroring of images on other servers. Description Peter Schumacher discovered that Gallery fails to...
[Full-disclosure] [ GLSA 200506-13 ] webapp-config: Insecure temporary file handling
Gentoo Linux Security Advisory GLSA 200506-13 http://security.gentoo.org/ Severity:...
Gentoo Linux webapp-config symbolic links problem
Symbolic links problem on temporary files creation...
GLSA-200506-13 : webapp-config: Insecure temporary file handling
The remote host is affected by the vulnerability described in GLSA-200506-13 webapp-config: Insecure temporary file handling Eric Romang discovered webapp-config uses a predictable temporary filename while processing certain options, resulting in a race condition. Impact : Successful exploitation...
Gentoo Webapp-Config 1.10 - Insecure File Creation
Gentoo Webapp-Config 1.10 - Insecure File Creation source: https://www.securityfocus.com/bid/13780/info Gentoo webapp-config is prone to an insecure file creation vulnerability. This issue is due to a design error that causes the application to fail to verify the existence of a file before writin...
Gentoo Webapp-Config 1.10 - Insecure File Creation
source: https://www.securityfocus.com/bid/13780/info Gentoo webapp-config is prone to an insecure file creation vulnerability. This issue is due to a design error that causes the application to fail to verify the existence of a file before writing to it. An attacker may leverage this issue to cau...
CVE-2005-1707
The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file...
CVE-2005-1707
CVE-2005-1707 affects Gentoo webapp-config, where the fn_show_postinst function can be abused via a symlink attack on the temporary file postinst.txt. This race condition could let a local attacker overwrite arbitrary files with the privileges of the webapp-config user, potentially disrupting ope...
CVE-2005-1707
The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file...
webapp-config-05182005.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gentoo webapp-config insecure temporary file creation Vendor: http://www.gentoo.org Advisory: http://www.zataz.net/adviso/webapp-config-05182005.txt Vendor informed: yes Exploit available: yes Impact : high Exploitation : low Gentoo webapp-config...