32 matches found
Ubuntu 4.10 : cpio vulnerability (USN-75-1)
Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...
qpopper -- multiple privilege escalation vulnerabilities
Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges so that user supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files...
USN-75-1: cpio vulnerability
Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...
CVE-2003-0150
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...
CVE-2003-0150
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...
MySQL allows default user to be changed to root via custom "my.cnf" file
Overview MySQL reads configuration options from world-writeable files. This can lead to a remote user gaining elevated privileges. Description A message posted to the bugtraq mailing list details a vulnerability affecting versions of MySQL prior to 3.23.56. MySQL would permit users with 'FILE'...
CVE-1999-1460
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program...
CVE-2000-0719
VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program...
CVE-2000-0719
CVE-2000-0719 concerns VariCAD 7.0, where world-writable files enable local users to replace VariCAD binaries with a Trojan horse program. The vulnerability arises from permissions/ownership allowing overwrite of executable components. Reported impact is local code integrity compromise; no exploi...
CVE-2000-0719
VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program...
CVE-2000-0714
The CVE-2000-0714 issue concerns umb-scheme 3.2-11 for Red Hat Linux, which is installed with world-writable files. This local-access vulnerability arises from permissions allowing modification of files by any user, potentially compromising integrity and confidentiality of affected components. Th...
CVE-1999-1460
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program...