CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9278 – openssh: ~/.k5users unexpectedly grants remote login
https://notcve.org/view.php?id=CVE-2014-9278
06 Dec 2014 — The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. El servidor OpenSSH, utilizado en Fedora y Red Hat Enterprise Linux 7 y cuando funciona en un entorno Kerberos, permite a usuarios remotos autenticados iniciar sesión como otro usuario cuando est... • http://rhn.redhat.com/errata/RHSA-2015-0425.html • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 270EXPL: 0CVE-2011-1011 – policycoreutils: insecure temporary directory handling in seunshare
https://notcve.org/view.php?id=CVE-2011-1011
24 Feb 2011 — The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp... • http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1CVE-2008-2575
https://notcve.org/view.php?id=CVE-2008-2575
06 Jun 2008 — cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a (1) ZIP (aka .cbz) or (2) RAR (aka .cbr) archive filename. cbrPager anteriores a 0.9.17, permite a atacantes remotos asistidos por el usuario ejecutar comandos de su elección a través de metacaracteres de consola en un archivo con nombre de fichero (1) ZIP (aka .cbz) o (2) RAR (aka .cbr). • http://cvs.fedoraproject.org/viewcvs/rpms/cbrpager/devel/cbrpager-0.9.16-filen-shell-escaping.patch?rev=1.2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 18%CPEs: 6EXPL: 5CVE-2007-5962 – vsftpd 2.0.5 - 'CWD' (Authenticated) Remote Memory Consumption
https://notcve.org/view.php?id=CVE-2007-5962
22 May 2008 — Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option. Filtrado de memoria en cierto parche de Red Hat, aplicado a vsftpd 2.0.5 vsftpd 2.0.5 sobre Red Hat Enterprise Linux (RHEL) 5, Fedora 6 a la 8, Foresi... • https://www.exploit-db.com/exploits/5814 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1796
https://notcve.org/view.php?id=CVE-2008-1796
15 Apr 2008 — Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service. Comix 3.6.4 crea directorios temporales con nombres previsibles, lo cual permite a usuarios locales provocar una denegación de servicio no especificada. • http://secunia.com/advisories/29956 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2008-1567
https://notcve.org/view.php?id=CVE-2008-1567
31 Mar 2008 — phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information. phpMyAdmin versiones anteriores a 2.11.5.1, almacena la clave secreta MySQL de (1) nombre de usuario (2) contraseña, y (3) Blowfish, en texto sin cifrar en un archivo de Sesión bajo /tmp, que permite a los usuarios locales obtener información confidencial. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 9.8EPSS: 6%CPEs: 6EXPL: 0CVE-2008-1552
https://notcve.org/view.php?id=CVE-2008-1552
31 Mar 2008 — The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow. NOTE: the researcher describes this as an integer overflow, but CVE uses the "underflow" term in cases of wraparound from unsigned subtraction. La función silc_pkc... • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2008-1290
https://notcve.org/view.php?id=CVE-2008-1290
24 Mar 2008 — ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion (SVN) commits, which allows remote attackers to obtain sensitive information. ViewVC antes de 1.0.5 incluye archivos "all-forbidden" (todo prohibido) dentro de resultados de búsqueda que listan asignaciones CVS o Subversion (SVN), lo que permite a atacantes remotos obtener información sensible. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2008-1291
https://notcve.org/view.php?id=CVE-2008-1291
24 Mar 2008 — ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder. ViewVC before 1.0.5 almacena información sensible bajo la raíz web con un control de acceso insuficiente, lo que permite a atacantes remotos leer archivos y listar carpetas bajo la carpeta oculta CVSROOT. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2008-1292
https://notcve.org/view.php?id=CVE-2008-1292
24 Mar 2008 — ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended, which allows remote attackers to obtain sensitive information by reading (1) forbidden pathnames in the revision view, (2) log history that can only be reached by traversing a forbidden object, or (3) forbidden diff view path parameters. ViewVC before 1.0.5 proporciona revisión de metadatos sin comprobar correctamente si el acceso fue intencionado, lo que permite a atacantes remotos obtener información sens... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •