Lucene search
K

32 matches found

Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.27 views

Ubuntu 4.10 : cpio vulnerability (USN-75-1)

Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...

2.1CVSS5.4AI score0.00556EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2005/05/26 12:0 a.m.36 views

qpopper -- multiple privilege escalation vulnerabilities

Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges so that user supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files...

6.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2005/02/04 7:23 p.m.61 views

USN-75-1: cpio vulnerability

Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...

2.1CVSS5.2AI score0.00556EPSS
Exploits1
NVD
NVD
added 2003/03/24 5:0 a.m.22 views

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...

9CVSS6.5AI score0.44831EPSS
Exploits4References14
Cvelist
Cvelist
added 2003/03/21 5:0 a.m.31 views

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...

6.3AI score0.44831EPSS
Exploits4References14
CERT
CERT
added 2003/03/18 12:0 a.m.43 views

MySQL allows default user to be changed to root via custom "my.cnf" file

Overview MySQL reads configuration options from world-writeable files. This can lead to a remote user gaining elevated privileges. Description A message posted to the bugtraq mailing list details a vulnerability affecting versions of MySQL prior to 3.23.56. MySQL would permit users with 'FILE'...

9CVSS5.8AI score0.44831EPSS
Exploits4References1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.22 views

CVE-1999-1460

BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program...

6.5AI score0.00917EPSS
Exploits1References3
NVD
NVD
added 2000/10/20 4:0 a.m.16 views

CVE-2000-0719

VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program...

6.2CVSS6.3AI score0.0028EPSS
Exploits0References1
CVE
CVE
added 2000/09/21 4:0 a.m.49 views

CVE-2000-0719

CVE-2000-0719 concerns VariCAD 7.0, where world-writable files enable local users to replace VariCAD binaries with a Trojan horse program. The vulnerability arises from permissions/ownership allowing overwrite of executable components. Reported impact is local code integrity compromise; no exploi...

6.2CVSS6.7AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/09/21 4:0 a.m.17 views

CVE-2000-0719

VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program...

6.3AI score0.0028EPSS
Exploits0References1
CVE
CVE
added 2000/09/21 4:0 a.m.53 views

CVE-2000-0714

The CVE-2000-0714 issue concerns umb-scheme 3.2-11 for Red Hat Linux, which is installed with world-writable files. This local-access vulnerability arises from permissions allowing modification of files by any user, potentially compromising integrity and confidentiality of affected components. Th...

7.2CVSS7AI score0.0044EPSS
Exploits0References2Affected Software1
NVD
NVD
added 1999/07/13 4:0 a.m.22 views

CVE-1999-1460

BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program...

7.2CVSS6.5AI score0.00917EPSS
Exploits1References3
Rows per page
Query Builder