2842 matches found
Advisory: mgetty local compromise
Author : Stan Bubrouski Date : August 26, 2000 Package : mgetty Versions affected : 1.1.22, 1.1.21 and prior at least back to 1994 Severity : faxrunqd follows symbolic links when creating certain files. The default location for the files is /var/spool/fax/outgoing, which is a world-writable...
Trustix security advisory - apache-ssl
Hi Due to a typo in the rpm spec file for apache-ssl, /usr/sbin/httpsd on a Trustix system will be installed with mode 756 instead of 755, making a binary file that will be run by root world writable. It should not be necessary to explain why this is an extremely bad thing. How this bug slipped...
Hole in Apache-ssl from Trustix
Because of an error in the installation script, some of the executable files are installed open for writing...
FlagShip v4.48.7449 permission vulnerability
Content-Type: premission/vulnerability Date : 09/08/2000 16:05 Sender : Narrow [email protected] Subject : FlagShip v4.48.7449 permission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-08 DESCRIPTION FlagShip is a cross-platform database development system, fully compatible to Clipper,...
VariCAD 7.0 permission vulnerability
Content-Type: premission/vulnerability Date : 10/08/2000 18:34 Sender : Narrow [email protected] Subject : VariCAD 7.0 permission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-07 DESCRIPTION VariCAD is a CAD for mechanical engineering for both 2D and 3D. VariCAD 7.0 is shipped with Re...
Multisoft FlagShip 4.4 - Installation Permission
source: https://www.securityfocus.com/bid/1586/info A vulnerability exists in the installation of Multisoft's FlagShip 4.4 product. Some binaries are installed with world writable permissions. This may allow an attacker to alter a binary and cause...
Multisoft FlagShip 4.4 - Installation Permission
source: https://www.securityfocus.com/bid/1586/info A vulnerability exists in the installation of Multisoft's FlagShip 4.4 product. Some binaries are installed with world writable permissions. This may allow an attacker to alter a binary and cause other users to execute arbitrary code. The files:...
Group-writable executable in OpenLDAP
OpenLDAP installs the ud binary in $binpath with mode 775 and default group, i.e. either your primary gid or the directory's gid. Of course the consequences depend on which group this actually is. This was checked with 1.2.11 latest stable, but probably also exists in earlier versions, since the...
Hole in Java Web Server
One of the applications on the server allows any file to be compiled and run as a JSP application. Thus, if an attacker is able to write a file, they can execute code. At least one of the demo applications, the bulletin board, allows files to be written...
CVE-2000-0494
Veritas Volume Manager creates a world writable .serverpids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsaserver script...
CVE-2000-0515
The snmpd.conf configuration file for the SNMP daemon snmpd in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges...
HP-UX 10.20/11.0 - .SNMPD File Permission
source: https://www.securityfocus.com/bid/1327/info A vulnerability exists in the snmpd included with HPUX 11, from Hewlett Packard. The configuration file for the snmpd is world writable. This could allow any user on the system to view and/or alter the...
HP-UX 10.20/11.0 - man tmp Symlink
source: https://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...
CVE-2000-0206
The CVE-2000-0206 entry concerns Oracle 8.1.5.x on Linux, where the installer follows symlinks and creates orainstRoot.sh with world-writable permissions. This configuration flaw allows local users to gain privileges. The available documents specify the vulnerable component (orainstRoot.sh during...
CVS 1.10.7 - Local Denial of Service
source: https://www.securityfocus.com/bid/1136/info CVS stands for Concurrent Versions Software and is an open-source package designed to allow multiple developers to work concurrently on a single source tree, recording changes and controlling versions. It is...
CVS 1.10.7 - Local Denial of Service
source: https://www.securityfocus.com/bid/1136/info CVS stands for Concurrent Versions Software and is an open-source package designed to allow multiple developers to work concurrently on a single source tree, recording changes and controlling versions. It is possible to cause a denial of service...
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink
source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually ...
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink
source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually a symbolic link to the world writable /tmp...
getpop3.txt
what?: =-getpop3 exploit-= who?: - by r3p3nt of the DHC - where?: - http://dhc1.cjb.net - contact?: - [email protected] greets: all of DHC, duke, f0rpaxe, artech, and eli up for some raceball? thanks: jwb [email protected] You are wondering "hmm..what is getpop3, mister r3p3nt". Well,...
SCO Unixware 7.1/7.1.1 - ARCserver tmp Symlink
source: https://www.securityfocus.com/bid/988/info A symlink following vulnerability exists in the ARCserve agent, as shipped with SCO Unixware 7. Upon startup, the asagent program will create several files in /tmp. These are created mode 777, and can...