35 matches found
CVE-2001-0135
The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs...
CVE-2001-0135
CVE-2001-0135 affects Ultraboard 2000, version 2.11. The default install creates Skins, Database, and Backups directories with world-writable permissions, enabling a local user to modify sensitive information or potentially insert and execute CGI programs. The connected OpenVAS/Nessus entries ref...
CVE-2000-1072
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse...
CVE-2000-1072
CVE-2000-1072 affects iCal 2.1 Patch 2 where multiple files are installed with world-writable permissions. This allows a local user to modify the iCal configuration and, by replacing the iplncal.sh program with a Trojan horse, execute arbitrary commands. The underlying issue is improper permissio...
CVE-2000-1072
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse...
CVE-2000-0880
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file...
CVE-2000-0791
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse...
CVE-2000-0880
The CVE-2000-0880 entry concerns LPPlus creating the lpdprocess file with world-writable permissions, which allows local users to kill arbitrary processes by specifying a process ID and using the setuid dcclpdshut program to terminate the specified process. Impact is local access and partial inte...
CVE-2000-0880
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file...
CVE-2000-0791
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse...
CVE-2000-0791
CVE-2000-0791 describes a Trustix vulnerability where the httpsd binary (Apache-SSL) is installed with world-writeable permissions, enabling local users to replace it with a Trojan horse. The root cause is improper permissions on the httpsd executable, allowing local write access and substitution...
CVE-2000-0206
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges...
CVE-2000-0206
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges...
CVE-1999-1350
ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse...
CVE-1999-1071
Excite for Web Servers EWS 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file...