Page 21 of 166 results (0.005 seconds)

CVSS: 7.2EPSS: 1%CPEs: 47EXPL: 0

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. El servidor de bases de datos CDE ToolTalk (ttdbserver) permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque en enlaces simbólicos (symlink attack) en el fichero de registro (log) de transacciones usado por el procedimiento RPC _TT_TRANSACTION • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P http://archives.neohapsis.com/archives/aix/2002-q3/0002.html http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.iss.net/security_center/static/9527.php http://www.kb.cert.org/vuls/id/299816 http://www.securityfocus.com/bid/5083 http://www1.itrc.hp •

CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 0

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al procedimiento AUTH_UNIX, que es usado como índice de tabla en el procedimiento _TT_ISCLOSE. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.kb.cert.org/vuls/id/975403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15 https:/&#x •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. • http://archives.neohapsis.com/archives/hp/2002-q2/0023.html http://securityreason.com/securityalert/656 http://www.iss.net/security_center/static/8939.php http://www.kb.cert.org/vuls/id/977779 http://www.securityfocus.com/bid/4582 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5518 •

CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 0

setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. • http://archives.neohapsis.com/archives/hp/2001-q3/0000.html http://www.iss.net/security_center/static/6810.php http://www.securityfocus.com/bid/3416 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5159 •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. RLPDaemon en HP-UX 10.20 y 11.0 permite a usuarios locales la sobreescritura de ficheros arbitrarios y la obtención de privilegios, especificando el fichero objeto en la opción '-L'. • http://www.iss.net/security_center/static/7729.php http://www.securityfocus.com/archive/1/245690 http://www.securityfocus.com/bid/3701 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5763 •