Lucene search
K

2842 matches found

securityvulns
securityvulns
added 2000/08/26 12:0 a.m.36 views

Advisory: mgetty local compromise

Author : Stan Bubrouski Date : August 26, 2000 Package : mgetty Versions affected : 1.1.22, 1.1.21 and prior at least back to 1994 Severity : faxrunqd follows symbolic links when creating certain files. The default location for the files is /var/spool/fax/outgoing, which is a world-writable...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2000/08/17 12:0 a.m.29 views

Trustix security advisory - apache-ssl

Hi Due to a typo in the rpm spec file for apache-ssl, /usr/sbin/httpsd on a Trustix system will be installed with mode 756 instead of 755, making a binary file that will be run by root world writable. It should not be necessary to explain why this is an extremely bad thing. How this bug slipped...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2000/08/17 12:0 a.m.25 views

Дырка в Apache-ssl из Trustix

Из-за ошибки в скрипте инсталляции часть исполняемых файлов устанавливается открытыми на запись...

0.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/08/12 12:0 a.m.39 views

FlagShip v4.48.7449 premission vulnerability

Content-Type: premission/vulnerability Date : 09/08/2000 16:05 Sender : Narrow [email protected] Subject : FlagShip v4.48.7449 premission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-08 DESCRIPTION FlagShip is a cross-platform database development system, fully compatible to Clipper,...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2000/08/12 12:0 a.m.29 views

VariCAD 7.0 premission vulnerability

Content-Type: premission/vulnerability Date : 10/08/2000 18:34 Sender : Narrow [email protected] Subject : VariCAD 7.0 premission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-07 DESCRIPTION VariCAD is a CAD for mechanical engineering for both 2D and 3D. VariCAD 7.0 is shipped with Re...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2000/08/10 12:0 a.m.11 views

Multisoft FlagShip 4.4 - Installation Permission

Multisoft FlagShip 4.4 - Installation Permission source: https://www.securityfocus.com/bid/1586/info A vulnerability exists in the installation of Multisoft's FlagShip 4.4 product. Some binaries are installed with world writable permissions. This may allow an attacker to alter a binary and cause...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2000/08/10 12:0 a.m.33 views

Multisoft FlagShip 4.4 - Installation Permission

source: https://www.securityfocus.com/bid/1586/info A vulnerability exists in the installation of Multisoft's FlagShip 4.4 product. Some binaries are installed with world writable permissions. This may allow an attacker to alter a binary and cause other users to execute arbitrary code. The files:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/07/27 12:0 a.m.29 views

Group-writable executable in OpenLDAP

OpenLDAP installs the ud binary in $binpath with mode 775 and default group i.e. either you primary gid or the directories gid. Of course the consequences depend on which group this actually is. This was checked with 1.2.11 latest stable, but probably also exists in earlier versions, since the...

2.3AI score
Exploits0
securityvulns
securityvulns
added 2000/07/14 12:0 a.m.25 views

Дырка в Java Web Server

Одно из приложений на сервере позволяет скомпилировать и запустить любой файл, как JSP-приложение. Таким образом, если атакующий имеет возможность записать файл он может выполнить код. Как минимум одно из демонстрационных приложений - доска объявлений - позволяет запись файлов...

0.4AI score
Exploits0References1Affected Software1
NVD
NVD
added 2000/06/16 4:0 a.m.17 views

CVE-2000-0494

Veritas Volume Manager creates a world writable .serverpids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsaserver script...

7.2CVSS6.6AI score0.00941EPSS
Exploits1References3
NVD
NVD
added 2000/06/07 4:0 a.m.23 views

CVE-2000-0515

The snmpd.conf configuration file for the SNMP daemon snmpd in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges...

10CVSS6.5AI score0.08361EPSS
Exploits0References4
exploitpack
exploitpack
added 2000/06/07 12:0 a.m.20 views

HP-UX 10.2011.0 - .SNMPD File Permission

HP-UX 10.2011.0 - .SNMPD File Permission source: https://www.securityfocus.com/bid/1327/info A vulnerability exists in the snmpd included with HPUX 11, from Hewlett Packard. The configuration file for the snmpd is world writable. This could allow any user on the system to view and/or alter the...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2000/06/02 12:0 a.m.9 views

HP-UX 10.2011.0 - man tmp Symlink

HP-UX 10.2011.0 - man tmp Symlink source: https://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...

7.4AI score
Exploits0
CVE
CVE
added 2000/04/25 4:0 a.m.49 views

CVE-2000-0206

The CVE-2000-0206 entry concerns Oracle 8.1.5.x on Linux, where the installer follows symlinks and creates orainstRoot.sh with world-writable permissions. This configuration flaw allows local users to gain privileges. The available documents specify the vulnerable component (orainstRoot.sh during...

6.2CVSS6.6AI score0.01067EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2000/04/23 12:0 a.m.15 views

CVS 1.10.7 - Local Denial of Service

CVS 1.10.7 - Local Denial of Service source: https://www.securityfocus.com/bid/1136/info CVS stands for Concurrent Versions Software and is an open-source package designed to allow multiple developers to work concurrently on a single source tree, recording changes and controlling versions. It is...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2000/04/23 12:0 a.m.23 views

CVS 1.10.7 - Local Denial of Service

source: https://www.securityfocus.com/bid/1136/info CVS stands for Concurrent Versions Software and is an open-source package designed to allow multiple developers to work concurrently on a single source tree, recording changes and controlling versions. It is possible to cause a denial of service...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/04/21 12:0 a.m.9 views

OpenLDAP 1.2.71.2.81.2.91.2.10 - usrtmp Symlink

OpenLDAP 1.2.71.2.81.2.91.2.10 - usrtmp Symlink source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/04/21 12:0 a.m.25 views

OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink

source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually a symbolic link to the world writable /tmp...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/03/02 12:0 a.m.41 views

getpop3.txt

what?: =-getpop3 exploit-= who?: - by r3p3nt of the DHC - where?: - http://dhc1.cjb.net - contact?: - [email protected] greets: all of DHC, duke, f0rpaxe, artech, and eli up for some raceball? thanks: jwb [email protected] You are wondering "hmm..what is getpop3, mister r3p3nt". Well,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/02/15 12:0 a.m.13 views

SCO Unixware 7.17.1.1 - ARCserver tmp Symlink

SCO Unixware 7.17.1.1 - ARCserver tmp Symlink source: https://www.securityfocus.com/bid/988/info A symlink following vulnerability exists in the ARCserve agent, as shipped with SCO Unixware 7. Upon startup, the asagent program will create several files in /tmp. These are created mode 777, and can...

7.4AI score
Exploits0
Rows per page
Query Builder