Lucene search
K

967 matches found

Gentoo Linux
Gentoo Linux
added 2006/12/14 12:0 a.m.26 views

McAfee VirusScan: Insecure DT_RPATH

Background McAfee VirusScan for Linux is a commercial antivirus solution for Linux. Description Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was distributed with an insecure DTRPATH which included the current working directory, rather than $ORIGIN which was probably intended. Impact...

4.6CVSS7.2AI score0.004EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.29 views

Debian DSA-918-1 : osh - programming error

Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3346 Charles Stevenson discovered a bug in the...

7.2CVSS6.3AI score0.01148EPSS
Exploits0References4
myhack58
myhack58
added 2006/04/13 12:0 a.m.18 views

To shadowless go without a trace anonymous breakthrough network limit-vulnerability warning-the black bar safety net

Network management as the name suggests, is every pipe of the network, and tried various means to restrict our Internet access people. In the network established all sorts of rules, don't download, don't use IM, not allowed to access the restricted site, etc., so we can't enjoy the Internet bring...

6.8AI score
Exploits0
Prion
Prion
added 2006/03/30 11:2 a.m.26 views

Stack overflow

Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...

3.7CVSS7AI score0.00947EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2005/12/31 5:0 a.m.16 views

CVE-2005-4790

Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 beagle, 2 tomboy, or 3 blam. NOTE: in August 2007, the tomboy vector...

6.9CVSS7.3AI score0.00481EPSS
Exploits0References22
NVD
NVD
added 2005/12/11 2:3 a.m.19 views

CVE-2005-3533

Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...

7.2CVSS7.3AI score0.01148EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2005/12/11 2:3 a.m.23 views

CVE-2005-3533

Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...

7.2CVSS6AI score0.01148EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/12/11 2:0 a.m.26 views

CVE-2005-3533

Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename...

7.2AI score0.01148EPSS
Exploits0References5
CVE
CVE
added 2005/11/16 9:17 p.m.54 views

CVE-2002-2170

The CVE affects BadBlue Enterprise Edition versions 1.7–1.74. The root cause is insufficient authentication when attempts to restrict administrator actions to localhost IP, allowing a remote attacker to trigger arbitrary code execution via an HTTP POST to the dir.hts page on localhost, which can ...

7.5CVSS7.9AI score0.04735EPSS
Exploits1References3Affected Software1
myhack58
myhack58
added 2005/09/23 12:0 a.m.30 views

Foreign hackers resources-vulnerability warning-the black bar safety net

allhack.com This website provides a library and a download area. The library for beginners provides hacking knowledge and computer technology basics. The download area includes the Scan Tool, FLOOD tool, decryption tools, denial of service attacks and the like. alw. nih,gov In the security...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2005/08/07 12:0 a.m.33 views

maxwebportalxss.txt

--Alt-Boundary-12164.15822371 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Desc: Maxwebportal 1.3.5 and prior Risk: High MaxWebPortal is...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/04/03 12:0 a.m.5 views

PT-2005-1982 · Mtftpd · Mtftpd

Name of the Vulnerable Software and Affected Versions: mtftpd version 0.0.3 Description: The issue is related to a format string vulnerability in the log do function in log.c. This vulnerability can be exploited when the statistics option is enabled, allowing remote attackers to execute arbitrary...

7.5CVSS7.7AI score0.04434EPSS
Exploits1References6
CVE
CVE
added 2005/01/19 5:0 a.m.75 views

CVE-2004-1000

The CVE-2004-1000 entry concerns the lintian Debian package checker. Affected software: lintian, versions up to 1.23 and earlier. Root cause: lintian removes the working directory even if it wasn’t created by lintian, enabling a symlink attack that could delete an unrelated or arbitrary file or d...

2.1CVSS6.2AI score0.0035EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2004/12/26 12:0 a.m.16 views

Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)

Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/12673/info A remote buffer overflow vulnerability affects Working Resources BadBlue. This issue is due to a failure of the application to securely copy GET request parameters int...

0.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2004/09/01 7:0 p.m.4 views

security flaw

Buffer overflow in the extractone function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w working directory command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise...

10CVSS6.2AI score0.18827EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/04/26 12:0 a.m.238 views

Sophos Anti-Virus Detection and Status

Sophos Anti-Virus, a commercial antivirus software package for Windows, is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of date. C Tenable Network Security, Inc...

5.5AI score
Exploits0References4
OSV
OSV
added 2004/01/10 5:0 a.m.1 views

DEBIAN-CVE-2004-1000

lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack...

2.1CVSS6.7AI score0.0035EPSS
Exploits0References1
Cvelist
Cvelist
added 2003/05/17 4:0 a.m.19 views

CVE-2003-0188

lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories...

6.9AI score0.00442EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2002/08/12 12:0 a.m.6 views

PT-2002-1846 · Ipswitch · Ws Ftp Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP FTP Server version 3.1.1 Description: The issue allows remote authenticated users to execute arbitrary code via a long SITE CPWD command, which is a buffer overflow. This can be exploited by sending a long command to the server,...

7.5CVSS7.4AI score0.12177EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2001/12/13 12:0 a.m.4 views

PT-2001-2328 · Eftp · Eftp

Name of the Vulnerable Software and Affected Versions: EFTP version 2.0.8.346 Description: A directory traversal issue allows local users to read directories by using a modified dot dot in the CWD command. Recommendations: For EFTP version 2.0.8.346, consider restricting access to the CWD command...

5CVSS6.4AI score0.0226EPSS
Exploits0References7
Rows per page
Query Builder