CVSS: 9.8EPSS: 0%CPEs: 141EXPL: 0CVE-2010-1161
https://notcve.org/view.php?id=CVE-2010-1161
16 Apr 2010 — Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files. Condición Race en GNU nano anterior v2.2.4, cuando se ejecuta como root edita un fichero que no es propiedad de root, permitiendo a atacantes locales asistidos por usuario cambiar el propietario de ficheros de su elección a través de vectores relacionados en la creación de fiche... • http://drosenbe.blogspot.com/2010/03/nano-as-root.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 0%CPEs: 141EXPL: 0CVE-2010-1160
https://notcve.org/view.php?id=CVE-2010-1160
16 Apr 2010 — GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. GNU nano anterior v2.2.4 no verificansi un fichero hasido cambiado antes de ser sobreescrito en una operación de salvado, lo que permite a atacantes locales asistidos por usuario escribir en archivos de su elección a través de un ataque... • http://drosenbe.blogspot.com/2010/03/nano-as-root.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2010-0825
https://notcve.org/view.php?id=CVE-2010-0825
05 Apr 2010 — lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks. El fichero lib-src/movemail.c en la función movemail de emacs v22 y v23 permite a usuarios locales leer, modificar o borrar archivos de buzón aleatorios mediante un ataque de enlace simbólico, ocasionado por una comprobacion inadecuada de permisos de archivos. • http://secunia.com/advisories/39155 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 2%CPEs: 22EXPL: 2CVE-2010-0731 – gnutls: gnutls_x509_crt_get_serial incorrect serial decoding from ASN1 (BE64) [GNUTLS-SA-2010-1]
https://notcve.org/view.php?id=CVE-2010-0731
26 Mar 2010 — The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. La función gnutls_x509_crt_get_serial en la librería GnuTLS anterior a v1.2.1, cunado se está ejecu... • http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 1CVE-2010-0624 – cpio: Heap-based buffer overflow by expanding a specially-crafted archive
https://notcve.org/view.php?id=CVE-2010-0624
12 Mar 2010 — Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. Desbordamiento de búfer basado en pila en la función rmt_read__ en lib/rtapelib.c en la funcionalidad de cliente rmt en GNU tar anterior v1.23 y... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 8%CPEs: 15EXPL: 0CVE-2009-2624 – Gentoo Linux Security Advisory 201412-08
https://notcve.org/view.php?id=CVE-2009-2624
29 Jan 2010 — The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression. La función huft_build en inflate.c en gzip anterior a v1.3.13 crea una tabla hufts (también conocido como huffman) demasiado pequeña, lo que permite a atacantes remotos provocar una dene... • http://article.gmane.org/gmane.comp.gnu.gzip.bugs/258 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 4%CPEs: 16EXPL: 0CVE-2010-0001 – gzip: (64 bit) Integer underflow by decompressing LZW format files
https://notcve.org/view.php?id=CVE-2010-0001
29 Jan 2010 — Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error. Desbordamiento de entero en la función unlzw en unlzw.c en gzip anterior a v1.4 sobre las plataformas de 64 bits, permiten a atacantes remotos provocar una denegación de servicio (caída de ... • http://git.savannah.gnu.org/cgit/gzip.git/commit/?id=a3db5806d012082b9e25cc36d09f19cd736a468f • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 2%CPEs: 2EXPL: 0CVE-2010-0015
https://notcve.org/view.php?id=CVE-2010-0015
14 Jan 2010 — nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. nis/nss_nis/nis-pwd.c en GNU C Library (también conocido como glibc o libc6) v2.7 y Embedded GLIBC (EGLIBC) v2.10.2, añade información desde el mapa passwd.adjunct.byname a las entradas en el mapa "passwd", lo que... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333 • CWE-255: Credentials Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2010-0002 – GNU Bash 4.0 - 'ls' Control Character Command Injection
https://notcve.org/view.php?id=CVE-2010-0002
14 Jan 2010 — The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename. La secuencia de comandos /etc/profile.d/60alias.sh en el paquete Mandriva bash para Bash v2.05b, v3.0, v3.2, v3.2.48, y v4.0 activa la opción --show-control-chars en LS_OPTIONS, lo que permite a usuarios locales enviar ... • https://www.exploit-db.com/exploits/33508 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 1CVE-2009-4029 – Automake: Race condition by creation of "distdir" based directory hierarchy
https://notcve.org/view.php?id=CVE-2009-4029
20 Dec 2009 — The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete. Las reglas (1) dist o (2) distcheck en GNU Automake v1.11.1, v1.1... • http://lists.gnu.org/archive/html/automake-patches/2009-11/msg00017.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •