CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1551
https://notcve.org/view.php?id=CVE-2011-1551
SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account during root filesystem operations by the Cobbler daemon. SUSE openSUSE Factory asigna al propietario del directorio /var/log/cobbler/ cuentas de usuario web-service, lo que permite a usuarios locales obtener privilegios aprovechando el acceso a esta cuenta durante operaciones en el sistema de ficheros por el demonio Cobbler • http://openwall.com/lists/oss-security/2011/03/23/11 https://exchange.xforce.ibmcloud.com/vulnerabilities/66487 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1550
https://notcve.org/view.php?id=CVE-2011-1550
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages. La configuración por defecto de logrotate en SUSE openSUSE Factory utiliza privilegios de administrador para procesar ficheros en directorios que permite a un no-adminitrador acceso de escritura, lo que permite a usuarios locales conducir ataques de enlace simbólico y enlace fijo aprovechándose de la falta de soporte en logrotate para directorios no confiables, como se demostró en directorios para el (1) cobbler, (2) inn, (3) safte-monitor, y (4) paquetes uccp. • http://openwall.com/lists/oss-security/2011/03/04/16 http://openwall.com/lists/oss-security/2011/03/04/17 http://openwall.com/lists/oss-security/2011/03/04/18 http://openwall.com/lists/oss-security/2011/03/04/19 http://openwall.com/lists/oss-security/2011/03/04/22 http://openwall.com/lists/oss-security/2011/03/04/24 http://openwall.com/lists/oss-security/2011/03/04/25 http://openwall.com/lists/oss-security/2011/03/04/26 http://openwal • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 88%CPEs: 3EXPL: 3CVE-2010-4228 – Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4228
Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4. Desbordamiento de búfer basado en pila en NWFTPD.NLM anteriores a v5.10.02 en el servidor FTP en Novell NetWare, permite a usuarios remotos autenticados ejecutar código de su elección o provocar una denegación de servicio (abend) a través de un comando DELE, es una vulnerabilidad distinta que CVE-2010-0625.4 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is required to exploit this vulnerability. The flaw exists within NWFTPD.NLM. When handling the argument provided to the DELE command the application copies user supplied data to a fixed length stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the super user. • https://www.exploit-db.com/exploits/17020 http://secunia.com/advisories/43824 http://securityreason.com/securityalert/8149 http://www.novell.com/support/viewContent.do?externalId=3238588 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=25&Itemid=25 http://www.securityfocus.com/bid/46922 http://www.zerodayinitiative.com/advisories/ZDI-11-106 https://bugzilla.novell.com/show_bug.cgi?id=641249 https://exchange.xforce.ibmcloud.com/vulnerabilities/66170 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 21%CPEs: 1EXPL: 0CVE-2011-0464
https://notcve.org/view.php?id=CVE-2011-0464
Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en Novell Vibe OnPrem 3.0 en versiones anteriores a Hot Patch 1 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://secunia.com/advisories/43606 http://securitytracker.com/id?1025163 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5088845.html http://www.osvdb.org/70956 http://www.securityfocus.com/bid/46672 http://www.vupen.com/english/advisories/2011/0592 https://exchange.xforce.ibmcloud.com/vulnerabilities/65865 •
CVSS: 10.0EPSS: 94%CPEs: 8EXPL: 4CVE-2010-4227 – Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4227
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. La función xdrDecodeString en XNFS.NLM en Novell Netware v6.5 anterior a SP8 permite a atacantes remotos provocar una denegación de servicio o ejecutar código arbitrario a través de un valor firmado manipulado en una peticion RPC NFS para el puerto UDP 1234, dando lugar a un desbordamiento de búfer basado en pila. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The flaw exists within the XNFS.NLM component which listens by default on UDP port 1234. When handling the an NFS RPC request the xdrDecodeString function uses a user supplied length value to null terminate a string. • https://www.exploit-db.com/exploits/16234 http://download.novell.com/Download?buildid=1z3z-OsVCiE~ http://secunia.com/advisories/43431 http://securityreason.com/securityalert/8104 http://www.exploit-db.com/exploits/16234 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=24&Itemid=24 http://www.securityfocus.com/archive/1/516645/100/0/threaded http://www.securityfocus.com/bid/46535 http://www.securitytracker.com/id?1025119 http://www.vupen.com/english& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •