2818 matches found
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
Design/Logic Flaw
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
DEBIAN-CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
Fedora Core 5 : xorg-x11-server-1.0.1-9 (2006-172)
Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for...
18ZLZA.txt
Summary: 18 ways to escalate privileges in Zone Labs ZoneAlarm Security Suite build 6.1.744.000 http://www.zonelabs.com/ Details: During Windows startup the TrueVector service vsmon.exe - an integral piece of most Zone Labs products is set to startup automatically. The TrueVector service runs und...
CVE-2006-1063
Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...
CVE-2006-1063
Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...
Code injection
Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...
CVE-2005-2713
CVE-2005-2713 concerns local privilege escalation in Mac OS X. The iDefense advisory details two related issues in the /usr/bin/passwd binary on affected builds (Mac OS X 10.3.9 and 10.4.5; server variants also mentioned): first, passwd accepts a password database option and does not verify write...
Code injection
QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup...
CVE-2006-0623
QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup...
CVE-2006-0623
CVE-2006-0623 is associated with QNX Neutrino RTOS 6.3.0. The vulnerability arises because /etc/rc.d/rc.local is shipped with world-writable permissions, allowing local users to modify the file and thereby execute arbitrary code at system startup. The connected records confirm the affected softwa...
CVE-2006-0623
QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup...
Code injection
Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...
CVE-2006-0202
Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...
CVE-2006-0202
CVE-2006-0202 affects PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier. The issue is due to insecure filesystem permissions: ipn/logs/ipn_success.txt is world-readable, allowing local users to view payment data, and ipn/logs is world-writable, enabling local users to delete or repl...
CVE-2005-2713
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option...
PT-2005-4719 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the patchday that contains the fix for this issue Description: This issue allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has...