CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0106
https://notcve.org/view.php?id=CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. • http://secunia.com/advisories/18639 http://www.mandriva.com/security/advisories?name=MDKSA-2006:023 http://www.securityfocus.com/bid/13471 https://usn.ubuntu.com/113-1 •
CVSS: 7.5EPSS: 2%CPEs: 18EXPL: 0CVE-2005-0754
https://notcve.org/view.php?id=CVE-2005-0754
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. • ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff http://marc.info/?l=bugtraq&m=111419664411051&w=2 http://secunia.com/advisories/15060 http://www.kde.org/info/security/advisory-20050420-1.txt http://www.securityfocus.com/bid/13313 •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2005-1111
https://notcve.org/view.php?id=CVE-2005-1111
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.2/SCOSA-2006.2.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.32/SCOSA-2005.32.txt http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html http://marc.info/?l=bugtraq&m=111342664116120&w=2 http://secunia.com/advisories/16998 http://secunia.com/advisories/17123 http://secunia.com/advisories/17532 http://secunia&# • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 3.7EPSS: 0%CPEs: 104EXPL: 0CVE-2005-0988
https://notcve.org/view.php?id=CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://rhn.redhat.com/errata/RHSA-2005-357.html http://secunia.com/advisories/18100 http://secunia.com/advisories/21253 http://secunia.com/advisories/22033 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1 http://www& •
CVSS: 7.2EPSS: 0%CPEs: 52EXPL: 4CVE-2005-0750 – Linux Kernel 2.4.x/2.6.x - BlueTooth Signed Buffer Index (PoC)
https://notcve.org/view.php?id=CVE-2005-0750
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. • https://www.exploit-db.com/exploits/25287 https://www.exploit-db.com/exploits/25288 https://www.exploit-db.com/exploits/25289 https://www.exploit-db.com/exploits/926 http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html http://marc.info/?l=bugtraq&m=111204562102633&w=2 http://www.redhat.com/support/errata/RHSA-2005-283.html http://www.redhat.com/support/errata/RHSA-2005-284.html http://www.redhat.com/support/errata/RHSA-2005-293.html http:& •