Page 6 of 44 results (0.038 seconds)

CVSS: 4.4EPSS: 0%CPEs: 31EXPL: 1

xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems. xfs_fsr en xfsdump crea un directorio temporal .fsr con permisos no seguros, que permite a usuarios locales leer o sobrescribir archivos arbitrarios en sistemas de archivos xfs. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=417894 http://osvdb.org/36716 http://secunia.com/advisories/25220 http://secunia.com/advisories/25425 http://secunia.com/advisories/25761 http://secunia.com/advisories/26867 http://www.mandriva.com/security/advisories?name=MDKSA-2007:134 http://www.novell.com/linux/security/advisories/2007_10_sr.html http://www.securityfocus.com/bid/23922 http://www.ubuntu.com/usn/usn-516-1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.5EPSS: 15%CPEs: 15EXPL: 3

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. El motor Zend en PHP versión 4.x anterior a 4.4.7, y versión 5.x anterior a 5.2.2, permite que los atacantes remotos causen una denegación de servicio (agotamiento de pila y bloqueo de PHP) por medio de matrices profundamente anidadas, que desencadenan una profunda recursión en la variable de rutinas de destrucción. • https://www.exploit-db.com/exploits/29692 http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html http://rhn.redhat.com/errata/RHSA-2007-0154.html http://rhn.redhat.com/errata/RHSA-2007-0155.html http://rhn.redhat.com/errata/RHSA-2007-0163.html http://secunia.com/advisories/24909 http://secunia.com/advisories/24910 http://secunia.com/advisories/24924 http://secunia.com/advisories/24941 http://secunia.com/advisories/24945 http://secunia.com/advisories&#x • CWE-674: Uncontrolled Recursion •

CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. Vulnerabilidad no especificada en HP Serviceguard para Linux; empaquetado para SuSE SLES8 y United Linux 1.0 versiones anteriores a SG A.11.15.07, SuSE SLES9 y SLES10 versiones anteriores a SG A.11.16.10, y Red Hat Enterprise Linux (RHEL) versiones anteriores a SG A.11.16.10; permite a atacantes remotos obtener acceso no autorizado mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00860750 http://osvdb.org/33201 http://secunia.com/advisories/24134 http://www.securityfocus.com/bid/22574 http://www.securitytracker.com/id?1017655 http://www.vupen.com/english/advisories/2007/0619 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." Múltiples desbordamientos de búfer en ulogd para SUSE Linux versiones 9.3 hasta 10.1, y posiblemente otras distribuciones, presenta un impacto desconocido y vectores de ataque relacionados con "improper string length calculations." • http://osvdb.org/32939 http://secunia.com/advisories/23863 http://secunia.com/advisories/24524 http://security.gentoo.org/glsa/glsa-200703-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:028 http://www.novell.com/linux/security/advisories/2007_01_sr.html http://www.securityfocus.com/bid/22139 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.1EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password. Vulnerabilidad sin especificar en el Linux User Management (novell-lum) de SUSE Linux Enterprise Desktop 10 y Open Enterprise Server 9, bajo condiciones sin especificar, permite a usuarios locales validarse en la consola sin contraseña. • http://secunia.com/advisories/23409 http://www.novell.com/linux/security/advisories/2006_29_sr.html • CWE-264: Permissions, Privileges, and Access Controls •