55 matches found
CVE-2003-0173
CVE-2003-0173 affects xfsdump and its helper xfsdq. When quotas are enabled, xfsdump saves quota information by invoking xfsdq and creates the output file at the root of the target filesystem in an unsafe manner, allowing local users to gain root privileges. Debian’s DSA-283-1 documents the issue...
CVE-2003-0173
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges...
CVE-2003-0173
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges...
Symbolic links in xfsdump
File is created insecurely in the root of given file system...
[SECURITY] [DSA 283-1] New xfsdump packages fix insecure file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 283-1 [email protected] http://www.debian.org/security/ Martin Schulze April 11th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 283-1] New xfsdump packages fix insecure file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 283-1 [email protected] http://www.debian.org/security/ Martin Schulze April 11th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 283-1] New xfsdump packages fix insecure file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 283-1 [email protected] http://www.debian.org/security/ Martin Schulze April 11th, 2003 http://www.debian.org/security/faq -...
xfsdump creates files insecurely on IRIX
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : xfsdump creates files insecurely Number : 20030404-01-P Date : April 10, 2003 Reference: CVE CAN-2003-0173 Reference: SGI BUG 885222 Fixed in : IRIX 6.5.20 when available or patches 5059 and 5060 - ----------------------- - --- Issu...
DSA-283 xfsdump - insecure file creation
Bulletin has no description...
SGI IRIX "xfsdump" creates quota information files insecurely
Overview A vulnerability exists in xfsdump on SGI IRIX. Exploitation of this vulnerability may allow a local attacker to gain root privileges. Because other operating systems ship with xfsdump, vendors other than SGI may be affected. Description From the xfsdump man page:xfsdump backs up files an...
CVE-1999-1398
The CVE-1999-1398 vulnerability affects the xfsdump utility on SGI IRIX and could allow local users to gain root privileges via the bck.log file, potentially through a symlink attack. The provided documents do not specify exact affected IRIX versions, exploit details, or a patch/remediation. Expl...
CVE-1999-1398
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack...
CVE-1999-1398
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack...
SGI IRIX 6.4 - xfsdump Local Privilege Escalation
SGI IRIX 6.4 - xfsdump Local Privilege Escalation source: https://www.securityfocus.com/bid/472/info The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a...
SGI IRIX 6.4 - 'xfsdump' Local Privilege Escalation
source: https://www.securityfocus.com/bid/472/info The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a symbolic link from this file to any file they wish t...