967 matches found
McAfee VirusScan: Insecure DT_RPATH
Background McAfee VirusScan for Linux is a commercial antivirus solution for Linux. Description Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was distributed with an insecure DTRPATH which included the current working directory, rather than $ORIGIN which was probably intended. Impact...
Debian DSA-918-1 : osh - programming error
Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3346 Charles Stevenson discovered a bug in the...
To shadowless go without a trace anonymous breakthrough network limit-vulnerability warning-the black bar safety net
Network management as the name suggests, is every pipe of the network, and tried various means to restrict our Internet access people. In the network established all sorts of rules, don't download, don't use IM, not allowed to access the restricted site, etc., so we can't enjoy the Internet bring...
Stack overflow
Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...
CVE-2005-4790
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 beagle, 2 tomboy, or 3 blam. NOTE: in August 2007, the tomboy vector...
CVE-2005-3533
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...
CVE-2005-3533
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...
CVE-2005-3533
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...
CVE-2002-2170
The CVE affects BadBlue Enterprise Edition versions 1.7–1.74. The root cause is insufficient authentication when attempts to restrict administrator actions to localhost IP, allowing a remote attacker to trigger arbitrary code execution via an HTTP POST to the dir.hts page on localhost, which can ...
Foreign hackers resources-vulnerability warning-the black bar safety net
allhack.com This website provides a library and a download area. The library for beginners provides hacking knowledge and computer technology basics. The download area includes the Scan Tool, FLOOD tool, decryption tools, denial of service attacks and the like. alw. nih,gov In the security...
maxwebportalxss.txt
--Alt-Boundary-12164.15822371 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Desc: Maxwebportal 1.3.5 and prior Risk: High MaxWebPortal is...
PT-2005-1982 · Mtftpd · Mtftpd
Name of the Vulnerable Software and Affected Versions: mtftpd version 0.0.3 Description: The issue is related to a format string vulnerability in the log do function in log.c. This vulnerability can be exploited when the statistics option is enabled, allowing remote attackers to execute arbitrary...
CVE-2004-1000
The CVE-2004-1000 entry concerns the lintian Debian package checker. Affected software: lintian, versions up to 1.23 and earlier. Root cause: lintian removes the working directory even if it wasn’t created by lintian, enabling a symlink attack that could delete an unrelated or arbitrary file or d...
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/12673/info A remote buffer overflow vulnerability affects Working Resources BadBlue. This issue is due to a failure of the application to securely copy GET request parameters int...
security flaw
Buffer overflow in the extractone function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w working directory command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise...
Sophos Anti-Virus Detection and Status
Sophos Anti-Virus, a commercial antivirus software package for Windows, is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of date. C Tenable Network Security, Inc...
DEBIAN-CVE-2004-1000
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack...
CVE-2003-0188
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories...
PT-2002-1846 · Ipswitch · Ws Ftp Ftp Server
Name of the Vulnerable Software and Affected Versions: WS FTP FTP Server version 3.1.1 Description: The issue allows remote authenticated users to execute arbitrary code via a long SITE CPWD command, which is a buffer overflow. This can be exploited by sending a long command to the server,...
PT-2001-2328 · Eftp · Eftp
Name of the Vulnerable Software and Affected Versions: EFTP version 2.0.8.346 Description: A directory traversal issue allows local users to read directories by using a modified dot dot in the CWD command. Recommendations: For EFTP version 2.0.8.346, consider restricting access to the CWD command...