openSUSE Security Update : kernel (kernel-2050)

The openSUSE 11.1 Kernel was updated to 2.6.27.42 fixing various bugs and security issues. CVE-2010-0622: The wakefutexpi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance PI futex, which allows local use...

SuSE9 Security Update : the Linux kernel (YOU Patch Number 12578)

This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel. - The collectrxframe function in drivers/isdn/hisax/hfcusb.c in the Linux kernel allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer...

Samba Symlink Directory Traversal Vulnerability (Feb 2010)

Samba is prone to a directory traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Samba 3.4.5 - Symlink Directory Traversal

Samba 3.4.5 - Symlink Directory Traversal source: https://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of the Samba...

Samba 3.4.5 - Symlink Directory Traversal

source: https://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of the Samba user's root directory to obtain sensitive...

Samba 3.4.5 - Symlink Directory Traversal (Metasploit)

source: https://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of the Samba user's root directory to obtain sensitive...

kernel: megaraid_sas permissions in sysfs

The dbglvl file for the megaraidsas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the 1 behavior and 2 logging level of the driver by modifying this file...

kernel: megaraid_sas permissions in sysfs

The pollmodeio file for the megaraidsas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file...

CVE-2009-3556

A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when NPort ID Virtualization NPIV hardware is used, sets world-writable permissions for the 1 vportcreate and 2 vportdelete files under /sys/class/scsihost/, which allows loc...

kernel: megaraid_sas permissions in sysfs

The dbglvl file for the megaraidsas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the 1 behavior and 2 logging level of the driver by modifying this file...

kernel: megaraid_sas permissions in sysfs

The pollmodeio file for the megaraidsas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file...

kernel: qla2xxx NPIV vport management pseudofiles are world writable

A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when NPort ID Virtualization NPIV hardware is used, sets world-writable permissions for the 1 vportcreate and 2 vportdelete files under /sys/class/scsihost/, which allows loc...

PT-2010-1294 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux RHEL 5 with Linux kernel 2.6.18 Description: The issue concerns a Red Hat configuration step for the qla2xxx driver in the Linux kernel when N Port ID Virtualization NPIV hardware is used. This configuration sets...

SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1754 / 1760)

Indications Everyone using the Linux Kernel on x8664 architecture should update. Contraindications None. Problem description The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.42 fixing various bugs and security issues. The following security issues were fixed : - A underflow in the e1000...

SuSE 11.2 Security Update: kernel (2009-12-18)

The Linux kernel for openSUSE 11.2 was updated to 2.6.31.8 to fix the following bugs and security issues : - A file overwrite issue on the ext4 filesystem could be used by local attackers that have write access to a filesystem to change/overwrite files of other users, including root. CVE-2009-413...

kernel: megaraid_sas permissions in sysfs

The pollmodeio file for the megaraidsas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file...

kernel: megaraid_sas permissions in sysfs

The dbglvl file for the megaraidsas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the 1 behavior and 2 logging level of the driver by modifying this file...

CVE-2009-3557

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safemode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments...

CVE-2009-3557

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safemode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments...

CVE-2009-3939

The pollmodeio file for the megaraidsas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file...