Page 2 of 28 results (0.020 seconds)

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers. initscripts en el rPath Linux 1 establece permisos inseguros para el fichero /var/log/btmp, lo que permite a usuarios locales obtener información sensible respecto a los intentos de autenticación. NOTA: debido a que el sshd detecta los permisos inseguros y no registra ciertos eventos, esto también previene al sshd de registrar intentos fallidos de autenticación por usuarios remotos. • http://secunia.com/advisories/27215 http://www.securityfocus.com/archive/1/482129/100/100/threaded http://www.securityfocus.com/archive/1/482857/100/0/threaded http://www.securityfocus.com/bid/26048 http://www.vupen.com/english/advisories/2007/3474 https://issues.rpath.com/browse/RPL-1825 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 6%CPEs: 23EXPL: 0

Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. Vulnerabilidad de salto de directorio en la función contains_dot_dot de src/names.c en GNU tar permite a atacantes remotos con la complicidad del usuario sobre-escribir ficheros de su elección mediante determinadas secuencias //.. (barra barra punto punto) en los enlaces simbólicos de directorio en un fichero TAR. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=251921 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/26573 http://secunia.com/advisories/26590 http://secunia.com/advisories/26603 http://secunia.com/advisories/26604 http://secunia.com/advisories/26655 http://secunia.com/advisories/26673 http://secunia.com/advisories/26674 http://secunia.com/advisories/26781 http:&#x •

CVSS: 6.8EPSS: 3%CPEs: 8EXPL: 0

libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, and (2) invalid blocksize values that trigger a segmentation fault in the read function in block.c. libvorbis 1.1.2, y posiblemente otras versiones anteriores a 1.2.0, permite a atacantes dependientes del contexto provocar denegación de servicio a travñes de (1) un tipo de mapeo no válido, el cual dispara una lectura fuera de límite en la función vorbis_info_clear en info.c, y (2) tamaño de bloque no válido que dispara un fallo de segmento en la función read en block.c. • http://secunia.com/advisories/24923 http://secunia.com/advisories/26087 http://secunia.com/advisories/26232 http://secunia.com/advisories/26299 http://secunia.com/advisories/26429 http://secunia.com/advisories/26535 http://secunia.com/advisories/26865 http://secunia.com/advisories/27099 http://secunia.com/advisories/27439 http://secunia.com/advisories/28614 http://security.gentoo.org/glsa/glsa-200710-03.xml http://securitytracker.com/id?1018712 http://www.debian.org/sec •

CVSS: 6.8EPSS: 2%CPEs: 9EXPL: 0

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE: this issue has been RECAST so that CVE-2007-4029 handles additional vectors. En la biblioteca lib/info.c en libvorbis versión 1.1.2, y posiblemente otras versiones anteriores a 1.2.0, permite a los atacantes dependiendo del contexto causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de valores no válidos (1) blocksize_0 y (2) blocksize_1, que desencadenan una "heap overwrite" en la función _01inverse en el archivo res0.c. NOTA: este problema ha sido REESTRUCTURADO para que el CVE-2007-4029 maneje vectores adicionales. • http://secunia.com/advisories/24923 http://secunia.com/advisories/26087 http://secunia.com/advisories/26232 http://secunia.com/advisories/26299 http://secunia.com/advisories/26429 http://secunia.com/advisories/26535 http://secunia.com/advisories/26865 http://secunia.com/advisories/27099 http://secunia.com/advisories/28614 http://security.gentoo.org/glsa/glsa-200710-03.xml http://www.debian.org/security/2008/dsa-1471 http://www.isecpartners.com/advisories/2007-003-libvorbis&# • CWE-399: Resource Management Errors •

CVSS: 3.8EPSS: 2%CPEs: 56EXPL: 0

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/ •