CVE-2007-6745
https://notcve.org/view.php?id=CVE-2007-6745
ClamAV 0.91.2 suffers from a floating point exception when using ScanOLE2.
• http://www.openwall.com/lists/oss-security/2012/03/29/2
• https://access.redhat.com/security/cve/cve-2007-6745
• https://security-tracker.debian.org/tracker/CVE-2007-6745
CVE-2007-5743
https://notcve.org/view.php?id=CVE-2007-5743
ViewVC 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416696
• https://security-tracker.debian.org/tracker/CVE-2007-5743
• CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2013-1429
https://notcve.org/view.php?id=CVE-2013-1429
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
• https://bugs.launchpad.net/ubuntu/+source/lintian/+bug/1169636
• https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1429.html
• https://security-tracker.debian.org/tracker/CVE-2013-1429
• https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1113881.html
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2013-1425
https://notcve.org/view.php?id=CVE-2013-1425
ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.
• https://github.com/elmar/ldap-git-backup/commit/a90f3217fce87962db82d212f73af70693087124
• https://security-tracker.debian.org/tracker/CVE-2013-1425
• https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1096253.html
• CWE-276: Incorrect Default Permissions
CVE-2010-2450
https://notcve.org/view.php?id=CVE-2010-2450
The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key, which is placed in sp-key.pm. It relies on the root umask (default 22) instead of running chmod on the resulting file itself, so the generated private key is world-readable by default.
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631
• https://security-tracker.debian.org/tracker/CVE-2010-2450
• https://todos.internet2.edu/browse/SSPCPP-106
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-916: Use of Password Hash With Insufficient Computational Effort