Mandrake Linux Security Advisory : apcupsd (MDKSA-2000:077)

A problem exists with the apcupsd daemon. During startup, apcupsd creates a PID file in /var/run with the ID of the daemon process. This file is used by the shutdown script to kill the daemon process. The /var/run/apcupsd.pid file is created with mode 666 permissions, meaning it is world-writeabl...

Mandrake Linux Security Advisory : openldap (MDKSA-2000:003)

OpenLDAP follows symbolic links when creating files. The default location for these files is /usr/tmp, which is a symlink to /tmp, which in turn is a world-writable directory. Local users can destroy the contents of any file on any mounted filesystem. %NASLMINLEVEL 70300 C Tenable Network Securit...

NetDecision 4.2 TFTP Writable Directory Traversal Execution

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Gentoo Security Advisory GLSA 201207-07 (keepalived)

The remote host is missing updates announced in advisory GLSA 201207-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

FreeBSD Ports: automake

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Gentoo Security Advisory GLSA 201207-07 (keepalived)

The remote host is missing updates announced in advisory GLSA 201207-07. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

FreeBSD : automake -- Insecure 'distcheck' recipe granted world-writable distdir (36235c38-e0a8-11e1-9f4d-002354ed89bc)

GNU reports : The recipe of the 'distcheck' target granted temporary world-write permissions on the extracted distdir. This introduced a locally exploitable race condition for those who run 'make distcheck' with a non-restrictive umask e.g., 022 in a directory that was accessible by others. A...

DEBIAN-CVE-2012-3386

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors...

CVE-2012-3386

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors...

Race condition

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors...

CVE-2012-3386

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors...

CVE-2012-3386

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors...

CVE-2012-3454

eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftptmp directory, which allows local users to delete or overwrite arbitrary files...

CVE-2012-3453

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files...

CVE-2012-3453

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files...

DEBIAN-CVE-2012-3453

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files...

DEBIAN-CVE-2012-3449

Open vSwitch 1.4.2 uses world writable permissions for 1 /var/lib/openvswitch/pki/controllerca/incoming/ and 2 /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files...

Design/Logic Flaw

Open vSwitch 1.4.2 uses world writable permissions for 1 /var/lib/openvswitch/pki/controllerca/incoming/ and 2 /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files...

CVE-2012-3454

eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftptmp directory, which allows local users to delete or overwrite arbitrary files...

Design/Logic Flaw

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files...