openSUSE Security Update : apport (apport-816)

The apport crash watcher / handler suite contains a cron job that cleanes the world writeable /var/crash directory unsafely, allowing local attackers to remove random files on the system. CVE-2009-1295 This update fixes this. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

Rosoft Media Player 4.2.1 Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ======================================================= Rosoft Media Player 4.2.1 Local Buffer Overflow Exploit ======================================================= Rosoft Media Player 4.2.1 Local Buffer Overflow Exploit0-day...

ftp-anon NSE Script

Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. See also: ftp-brute.nse Script Arguments ftp-anon.maxlist The maximum number of files to return in the directory listing. By default it is 20, o...

Gentoo Security Advisory GLSA 200510-13 (spe)

The remote host is missing updates announced in advisory GLSA 200510-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Debian DSA-1629-2 : postfix - programming error

Sebastian Krahmer discovered that Postfix, a mail transfer agent, incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root. Note that only specific configurations are vulnerable; the default Debian installation is not affecte...

Debian: Security Advisory (DSA-1086-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution

FTP server GNU inetutils 1.4.2 Remote Root Exploit This program remotely exploits the most recent versions of GNU inetutils ftpd on linux systems. Requirements: 1. There MUST be a chroot'ed environment for the logged in user 2. Directory etc must be writeable by the logged in user duh! The exploi...

ProFTPD 1.3.0 (sreplace) Remote Stack Overflow Exploit (meta)

Exploit for linux platform in category remote exploits ============================================================= ProFTPD 1.3.0 sreplace Remote Stack Overflow Exploit meta ============================================================= vdproftpd.pm - Metasploit module for ProFTPD stack overflow...

OpenBSD 2.6 / 2.7ftpd Remote Exploit

No description provided by source. / h0h0h0 0-day k0d3z Exploit by Scrippie, help by dvorak and jimjones greets to sk8 Not fully developt exploit but it works most of the time ; Things to add: - automatic writeable directory finding - syn-scan option to do mass-scanning - worm capabilities? shoul...

[SECURITY] [DSA 1086-1] New xmcd packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1086-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2006 http://www.debian.org/security/faq -...

[Full-disclosure] [SECURITY] [DSA 1086-1] New xmcd packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1086-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2006 http://www.debian.org/security/faq -...

DSA-1086-1 xmcd - design flaw

Bulletin has no description...

FTP Writeable Directories

The remote FTP server contains world-writeable files. By crawling through the remote FTP server, several directories were marked as being world writeable. SPDX-FileCopyrightText: 2006 TNS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

TFTP Weak Directory Permissions (HP Ignite-UX) - Active Check

The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access. SPDX-FileCopyrightText: 2005 Corsaire Limited Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Ubuntu 4.10 : cpio vulnerability (USN-75-1)

Recently it was discovered that cpio created world-writeable files when used in -o/--create mode with giving an output file with -O. This allowed any user to modify the created cpio archives. Now cpio respects the current umask setting of the user. Note: This vulnerability has already been fixed ...

SUSE-SA:2005:062: permissions

The remote host is missing the patch for the advisory SUSE-SA:2005:062 permissions. SUSE LINUX ships with three pre defined sets of permissions, 'easy', 'secure' and 'paranoid'. The chkstat program contained in the permissions package is used to set those permissions to the chosen level. Level...

Mandrake Linux Security Advisory : kdebase (MDKSA-2005:160)

Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to...

Corsaire Security Advisory: HP Ignite-UX filesystem permissions issue

-- Corsaire Security Advisory -- Title: HP Ignite-UX filesystem permissions issue Date: 23.11.04 Application: HP Ignite-UX prior to version C.6.2.241 Environment: HP-UX Author: Martin O'Neal [email protected] Audience: General distribution Reference: c041123-002 -- Scope -- The aim of thi...

CVE-2002-1715

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access...

CVE-2002-1715

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access...