Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
CdrtoolsCdrecord

3 matches found

CVE
CVEadded 2004/09/14 4:0 a.m.53 views

CVE-2004-0806

CVE-2004-0806 affects cdrecord in the cdrtools package prior to 2.01, where cdrecord, when installed setuid root, fails to drop privileges before invoking a program specified by the RSH environment variable, enabling a local user to gain privileges. The issue is addressed in cdrtools 2.01 (upstre...

7.2CVSS6.1AI score0.01725EPSS
CVE
CVEadded 2005/03/26 5:0 a.m.52 views

CVE-2005-0866

CVE-2005-0866 affects cdrecord before 4:2.0. When DEBUG is enabled, it allows local users to overwrite arbitrary files via a symlink attack on temporary files. The issue is documented across NVD, Ubuntu, Mandrake advisories, and related CVE entries, which note that an updated package containing a...

2.1CVSS6.4AI score0.0031EPSS
CVE
CVEadded 2003/05/14 4:0 a.m.41 views

CVE-2003-0289

CVE-2003-0289 affects the cdrecord component of the cdRtools package (cdrecord, version 2.0). The vulnerability is a format-string issue in scsiopen.c (dev parameter) that enables local users to gain privileges. Public references note that this is a local-privilege-escalation vulnerability in cdr...

7.2CVSS6.5AI score0.01059EPSS