Microsoft IIS - WebDAV Write Access Code Execution (Metasploit)

$Id: iiswebdavuploadasp.rb 10397 2010-09-20 15:59:46Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

GLSA-201006-10 : multipath-tools: World-writeable socket

The remote host is affected by the vulnerability described in GLSA-201006-10 multipath-tools: World-writeable socket multipath-tools uses world-writable permissions for the socket file /var/run/multipathd.sock. Impact : Local users could send arbitrary commands to the multipath daemon, causing...

Mandriva Update for kdebase MDVSA-2010:074 (kdebase)

Check for the Version of kdebase OpenVAS Vulnerability Test Mandriva Update for kdebase MDVSA-2010:074 kdebase Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

SuSE9 Security Update : permissions (YOU Patch Number 10815)

It is technically impossible to change permissions files in of world writeable directories that don't have the sticky bit set in a secure way. This update therefore removes /var/lib/xmcd/discog from /etc/permissions. Furthermore permissions handling of files below /var/games is removed. To be abl...

openSUSE Security Update : apport (apport-816)

The apport crash watcher / handler suite contains a cron job that cleanes the world writeable /var/crash directory unsafely, allowing local attackers to remove random files on the system. CVE-2009-1295 This update fixes this. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

Gentoo Security Advisory GLSA 200510-13 (spe)

The remote host is missing updates announced in advisory GLSA 200510-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Debian: Security Advisory (DSA-1086-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1086-1] New xmcd packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1086-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2006 http://www.debian.org/security/faq -...

[Full-disclosure] [SECURITY] [DSA 1086-1] New xmcd packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1086-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2006 http://www.debian.org/security/faq -...

DSA-1086-1 xmcd - design flaw

Bulletin has no description...

TFTP Weak Directory Permissions (HP Ignite-UX) - Active Check

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

FTP Writeable Directories

The remote FTP server contains world-writeable files. By crawling through the remote FTP server, several directories were marked as being world writeable. SPDX-FileCopyrightText: 2006 TNS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Ubuntu 4.10 : cpio vulnerability (USN-75-1)

Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...

SUSE-SA:2005:062: permissions

The remote host is missing the patch for the advisory SUSE-SA:2005:062 permissions. SUSE LINUX ships with three pre defined sets of permissions, 'easy', 'secure' and 'paranoid'. The chkstat program contained in the permissions package is used to set those permissions to the chosen level. Level...

Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue

-- Corsaire Security Advisory -- Title: HP Ignite-UX filesystem permissions issue Date: 23.11.04 Application: HP Ignite-UX prior to version C.6.2.241 Environment: HP-UX Author: Martin O'Neal [email protected] Audience: General distribution Reference: c041123-002 -- Scope -- The aim of thi...

CVE-2002-1715

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access...

CVE-2002-1715

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access...

Qpopper: Multiple Vulnerabilities

Background Qpopper is a widely used server for the POP3 protocol. Description Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users CAN-2005-1151. The upstream developers discovered that Qpopper can be forced to create group or world writeable files...

USN-75-1: cpio vulnerability

Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...

GLSA-200410-10 : gettext: Insecure temporary file handling

The remote host is affected by the vulnerability described in GLSA-200410-10 gettext: Insecure temporary file handling gettext insecurely creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the temporary files...