2455 matches found
Mandriva Update for tar MDKSA-2007:173 (tar)
Check for the Version of tar OpenVAS Vulnerability Test Mandriva Update for tar MDKSA-2007:173 tar Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Design/Logic Flaw
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1 console/tty, 2 console/limit, or 3 image/device-model-pid...
CVE-2008-5716
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1 console/tty, 2 console/limit, or 3 image/device-model-pid...
CVE-2008-4405
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1...
Gentoo Security Advisory GLSA 200605-05 (rsync)
The remote host is missing updates announced in advisory GLSA 200605-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200605-05 (rsync)
The remote host is missing updates announced in advisory GLSA 200605-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-2041
Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root...
[SECURITY] Fedora 8 Update: scponly-4.6-10.fc8
scponly is an alternative 'shell' for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications...
HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities
No description provided by source. Advisory: ///////// There is another remotely exploitable flaw within software preinstalled in HP notebook machines. This time, the culprit is automatic software update tool provided by the vendor.The Potential exploitation may lead ...
Buffer overflow
Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...
DEBIAN-CVE-2007-5358
Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...
[SECURITY] Fedora 7 Update: ntfs-3g-1.913-2.fc7
The ntfs-3g driver is an open source, GPL licensed, third generation Linux NTFS driver. It provides full read-write access to NTFS, excluding access to encrypted files, writing compressed files, changing file ownership, access right. Technically it=E2=80=99s based on and a major improvement to th...
gtar -- Directory traversal vulnerability
Red Hat reports: A path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access. Red Hat credits Dmitry V. Levin for reporting the issue...
Avax Vector ActiveX unauthorized access
WriteMovie method allows write access to the disk...
TFTP Server TFTPDWin 0.4.2 - Directory Traversal
source: https://www.securityfocus.com/bid/23937/info TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to privileged directories and files. TFT...
CVE-2007-1744
Directory traversal vulnerability in the Shared Folders feature for VMware Workstation before 5.5.4, when a folder is shared, allows users on the guest system to write to arbitrary files on the host system via the "Backdoor I/O Port" interface...
VMware Workstation < 5.5.4 Build 44386 Multiple Vulnerabilities
The version of VMware Workstation installed on the remote host is earlier than 5.5.4, Build 44386. Such versions are reportedly affected by several issues, including a directory traversal issue in the application's Shared Folders feature that may allow read or write access from a guest to a host...
CVE-2006-6579
Microsoft Windows XP has weak permissions FILEWRITEDATA and FILEREADDATA for Everyone for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAMmachine and read access by IUSRMachine...
Microsoft Remote Installation Service Writable Path Vulnerability
Overview A vulnerability in the way Microsoft Remote Installation Service handles TFTP may allow a remote, unauthorized attacker to create or overwrite arbitrary operating system files. Description Microsoft Remote Installation Service contains a vulnerability in the way that it provides TFTP...
Net-SNMP security protection bypass
Under some conditions write access may be obtained to read-only community...