2817 matches found
CVE-2002-1956
ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...
CVE-2002-1836
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files...
CVE-2002-1844
Microsoft Windows Media Player WMP 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges...
CVE-2002-1956
ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...
PT-2002-2566 · Microsoft · Windows Media Player
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Player WMP version 6.3 Description: The issue allows local users to gain privileges by deleting or modifying executables due to world-writable permissions. Recommendations: For Microsoft Windows Media Player WMP versio...
rpcbind/fsr_efs/mv/errhook/uux vulnerabilities update
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: rpcbind/fsrefs/mv/errhook/uux vulnerabilities update Number: 20020903-02-P Date: October 14, 2002 - -------------- - --- Update --- - -------------- The patches in the original advisory are incompatible with R4000-class hardware...
Important: Red Hat Security Advisory: tetex security update
Updated packages for dvips are available which fix a vulnerability allowing print users to execute arbitrary commands. Updated 13 Aug 2003 Added tetex-doc package that was originally left out of the errata. The dvips utility converts DVI format into PostScriptTM, and is used in Red Hat Linux as a...
CVE-2002-0529
HP Photosmart printer driver for Mac OS X installs the hpimagingconnectivity program and the hpimagingconnectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hpimagingconnectivity with a Trojan horse...
CVE-2002-0805
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, 1 creates new directories with world-writable permissions, and 2 creates the params file with world-writable permissions, which allows local users to modify the files and execute code...
iDEFENSE Security Advisory: iSCSI Default Configuration File Settings
iDEFENSE Security Advisory 08.08.2002 iSCSI Default Configuration File Settings DESCRIPTION iSCSI is a popular new protocol that allows the SCSI protocol to be used over traditional IP networks. This allows for SAN like storage arrays without requiring new network infrastructure. iSCSI’s primary...
CVE-2001-1079
CVE-2001-1079 concerns the creation of keyfile directories with world-writable permissions in PSSP 3.2 with DCE 3.1 authentication on AIX. The underlying issue is that a local user can exploit these permissions to delete key files, leading to a denial of service. The description specifies the aff...
Xinet K-Talk Appletalk(tm) xkas vulnerability on IRIX
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: Xinet K-Talk Appletalktm xkas vulnerability Number: 20020604-01-I Date: June 10, 2002 Reference: CAN-2002-0213 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that the Appletalktm...
Xinet K-Talk Appletalk(tm) xkas vulnerability on IRIX
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: Xinet K-Talk Appletalktm xkas vulnerability Number: 20020604-01-I Date: June 10, 2002 Reference: CAN-2002-0213 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that the Appletalktm...
CVE-2002-0529
HP Photosmart printer driver for Mac OS X installs the hpimagingconnectivity program and the hpimagingconnectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hpimagingconnectivity with a Trojan horse...
CVE-2002-0295
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges...
PT-2002-1282 · Oracle · Tarantella Enterprise 3
Name of the Vulnerable Software and Affected Versions: Tarantella Enterprise 3 versions 3.01 through 3.20 Description: A race condition exists in the installation script, which creates a world-writeable temporary "gunzip" program before executing it. This could allow local users to execute...
CVE-2001-1256
kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the 1 /tmp/.kmmodreglock and 2 /tmp/kmpath.tmp temporary files...
Weak permissions in Tarantella temporary files
World-writable temporary file created with name available via prosess list...
CVE-2001-1171
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy...
CVE-2002-0105
CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable...