Lucene search
K

2455 matches found

OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.17 views

Mandriva Update for tar MDKSA-2007:173 (tar)

Check for the Version of tar OpenVAS Vulnerability Test Mandriva Update for tar MDKSA-2007:173 tar Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

6.8CVSS0.02743EPSS
Exploits1References2
Prion
Prion
added 2008/12/24 6:29 p.m.23 views

Design/Logic Flaw

xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1 console/tty, 2 console/limit, or 3 image/device-model-pid...

7.2CVSS7AI score0.01042EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/12/24 5:0 p.m.24 views

CVE-2008-5716

xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1 console/tty, 2 console/limit, or 3 image/device-model-pid...

7.8AI score0.00358EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2008/10/03 5:41 p.m.26 views

CVE-2008-4405

xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1...

7.2CVSS5.9AI score0.01042EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.21 views

Gentoo Security Advisory GLSA 200605-05 (rsync)

The remote host is missing updates announced in advisory GLSA 200605-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.4AI score0.03633EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.16 views

Gentoo Security Advisory GLSA 200605-05 (rsync)

The remote host is missing updates announced in advisory GLSA 200605-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03633EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2008/04/30 4:17 p.m.23 views

CVE-2008-2041

Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root...

10CVSS5.9AI score0.01633EPSS
Exploits0References1
Fedora
Fedora
added 2008/02/16 2:9 a.m.34 views

[SECURITY] Fedora 8 Update: scponly-4.6-10.fc8

scponly is an alternative 'shell' for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications...

8.5CVSS4.2AI score0.04362EPSS
Exploits1
seebug.org
seebug.org
added 2007/12/20 12:0 a.m.17 views

HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities

No description provided by source. Advisory: ///////// There is another remotely exploitable flaw within software preinstalled in HP notebook machines. This time, the culprit is automatic software update tool provided by the vendor.The Potential exploitation may lead ...

7.1AI score
Exploits0
Prion
Prion
added 2007/10/12 11:17 p.m.15 views

Buffer overflow

Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...

6.8CVSS8.2AI score0.03859EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2007/10/12 11:17 p.m.3 views

DEBIAN-CVE-2007-5358

Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow 1 remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or 2 local users to execute arbitrary code via a long...

6.8CVSS7.8AI score0.03859EPSS
Exploits0References1
Fedora
Fedora
added 2007/09/25 3:42 p.m.24 views

[SECURITY] Fedora 7 Update: ntfs-3g-1.913-2.fc7

The ntfs-3g driver is an open source, GPL licensed, third generation Linux NTFS driver. It provides full read-write access to NTFS, excluding access to encrypted files, writing compressed files, changing file ownership, access right. Technically it=E2=80=99s based on and a major improvement to th...

6.9AI score
Exploits0
FreeBSD
FreeBSD
added 2007/08/23 12:0 a.m.37 views

gtar -- Directory traversal vulnerability

Red Hat reports: A path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access. Red Hat credits Dmitry V. Levin for reporting the issue...

6.8CVSS7.5AI score0.02743EPSS
Exploits1References2
securityvulns
securityvulns
added 2007/06/27 12:0 a.m.27 views

Avax Vector ActiveX unauthorized access

WriteMovie method allows write access to the disk...

4.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2007/05/11 12:0 a.m.24 views

TFTP Server TFTPDWin 0.4.2 - Directory Traversal

source: https://www.securityfocus.com/bid/23937/info TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to privileged directories and files. TFT...

7.4AI score
Exploits0
NVD
NVD
added 2007/05/02 7:19 p.m.27 views

CVE-2007-1744

Directory traversal vulnerability in the Shared Folders feature for VMware Workstation before 5.5.4, when a folder is shared, allows users on the guest system to write to arbitrary files on the host system via the "Backdoor I/O Port" interface...

6.3CVSS6.5AI score0.00445EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2007/05/01 12:0 a.m.53 views

VMware Workstation < 5.5.4 Build 44386 Multiple Vulnerabilities

The version of VMware Workstation installed on the remote host is earlier than 5.5.4, Build 44386. Such versions are reportedly affected by several issues, including a directory traversal issue in the application's Shared Folders feature that may allow read or write access from a guest to a host...

7.8CVSS5.4AI score0.01983EPSS
Exploits1References8
NVD
NVD
added 2006/12/15 7:28 p.m.16 views

CVE-2006-6579

Microsoft Windows XP has weak permissions FILEWRITEDATA and FILEREADDATA for Everyone for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAMmachine and read access by IUSRMachine...

4.4CVSS6.2AI score0.0126EPSS
Exploits0References1
CERT
CERT
added 2006/12/14 12:0 a.m.29 views

Microsoft Remote Installation Service Writable Path Vulnerability

Overview A vulnerability in the way Microsoft Remote Installation Service handles TFTP may allow a remote, unauthorized attacker to create or overwrite arbitrary operating system files. Description Microsoft Remote Installation Service contains a vulnerability in the way that it provides TFTP...

7.5CVSS6.4AI score0.30446EPSS
Exploits0References2
securityvulns
securityvulns
added 2006/12/10 12:0 a.m.37 views

Net-SNMP security protection bypass

Under some conditions write access may be obtained to read-only community...

2.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder