19 results (0.015 seconds)

CVSS: 3.7EPSS: 0%CPEs: 104EXPL: 0

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://rhn.redhat.com/errata/RHSA-2005-357.html http://secunia.com/advisories/18100 http://secunia.com/advisories/21253 http://secunia.com/advisories/22033 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1 http://www& •

CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. • http://secunia.com/advisories/13863 http://securitytracker.com/id?1012903 http://www.debian.org/security/2005/dsa-639 http://www.redhat.com/support/errata/RHSA-2005-512.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18906 https://access.redhat.com/security/cve/CVE-2004-1175 https://bugzilla.redhat.com/show_bug.cgi?id=1617387 •

CVSS: 5.0EPSS: 0%CPEs: 47EXPL: 0

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. • http://secunia.com/advisories/13863 http://www.debian.org/security/2005/dsa-639 http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/18904 •

CVSS: 5.0EPSS: 0%CPEs: 47EXPL: 0

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." • http://secunia.com/advisories/13863 http://securitytracker.com/id?1012903 http://www.debian.org/security/2005/dsa-639 http://www.redhat.com/support/errata/RHSA-2005-512.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18909 https://access.redhat.com/security/cve/CVE-2004-1174 https://bugzilla.redhat.com/show_bug.cgi?id=1617386 •

CVSS: 5.0EPSS: 0%CPEs: 47EXPL: 0

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos causar la Denegación de Servicio (DoS) por bucle infinito mediante un ataque desconocido. • http://secunia.com/advisories/13863 http://www.debian.org/security/2005/dsa-639 http://www.redhat.com/support/errata/RHSA-2005-512.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18903 https://access.redhat.com/security/cve/CVE-2004-1009 https://bugzilla.redhat.com/show_bug.cgi?id=1617347 •