04/11/2005 01:45 PM
Posted by Imran Ghory, Apr 06 2005
Citadel/UX 6.20 fixes local permissions
vulnerability
04/12/2004 04:55 PM
IO ERROR (Apr 12 2004)
File-Find-Rule-Permissions-1.2
12/17/2003 06:04 PM
serverview 3.0 - insecure file
permissions
09/06/2004 04:11 PM
Rene (Sep 06 2004)
Mac OS X Systemic Insecure File
Permissions
10/28/2003 11:06 PM
_at_stake Advisories (Oct 28 2003)
PHP Magazine: Finding File Permissions
12/11/2003 08:28 AM
From PHP Magazine this morning:
If you have been wondering how to use PHP to view the file permission,
then the threads to a post on php-general may just provide the
answers. Here's what the post sought to find: The chmod() function for PHP is nice
but it wouldn't work if the ownership file permission is set. How does
one view the file/folder permission to see if it has the necessary
permission before proceeding?
Insecure file permissions in the Firefox
browser for Linux >= v0.9
09/13/2004 02:54 PM
Max (Sep 13 2004)
Check Point - Zone Labs Division -
Response to "Weak Default Permissions
Vulnerability"
08/27/2004 01:32 PM
Zone Labs Product Security (Aug 25 2004)
gzip vs. bzip2 vs. rzip
04/09/2004 04:00 PM
For a short article in the June issue of Linux Magazine, I needed to
compare the relative performance of gzip, bzip2, and rzip. I used a
180MB mbox file, consisting of my non-spam e-mail from last month. (I
know, it's only one test and doesn't represent how the tools will work
on other data sets.)
command    cpu time     new size
-------    --------     --------
gzip       17.63 sec    87 MB
gzip -9    23.26 sec    87 MB
bzip2 -9   114.90 sec   76 MB...
PHPlist, file injection vulnerability
11/14/2003 02:51 PM
Michiel Dethmers (Nov 14 2003)
[SCSA-024] BES-CMS including file
vulnerability
12/20/2003 06:07 PM
Security Corporation Security Advisory (Dec 20 2003)
BNCweb File Disclosure Vulnerability
12/09/2003 01:22 PM
Matthias Bethke (Dec 08 2003)
Gallery Arbitrary File Upload
Vulnerability
08/28/2004 01:14 AM
Direct and Related Links for
'Gallery Arbitrary File Upload Vulnerability'
“aCiDBiTS has reported a vulnerability in Gallery,
potentially allowing malicious people to compromise a vulnerable
system. The problem is that “save_photos.php” stores
uploaded files in a temporary folder before processing them without
checking if they are valid image files. This allows malicious people
to upload and execute arbitrary code if the temporary folder is
accessible from remote. This has been reported to affect version
1.4.4. Prior versions may also be affected. NOTE: This only
affects…
Adobe Acrobat Reader PDF file DoS
vulnerability
04/12/2004 04:55 PM
Arman Nayyeri (Apr 10 2004)
Props 0.6.1 XSS and Remote File Viewing
Vulnerability
05/01/2004 11:51 AM
Manuel Lopez (Apr 30 2004)
Gallery Arbitrary File Upload
Vulnerability
08/28/2004 11:25 AM
Direct and Related Links for
'Gallery Arbitrary File Upload Vulnerability'
“aCiDBiTS has reported a vulnerability in Gallery,
potentially allowing malicious people to compromise a vulnerable
system. The problem is that “save_photos.php” stores
uploaded files in a temporary folder before processing them without
checking if they are valid image files. This allows malicious people
to upload and execute arbitrary code if the temporary folder is
accessible from remote. This has been reported to affect version
1.4.4. Prior versions may also be affected. NOTE: This only
affects…
cdwrite 1.3 insecure tmp file handling
vulnerability.
12/08/2003 12:56 PM
Shaun Colley (Dec 06 2003)
WWW File Share Pro HTTP Request DoS
Vulnerability
07/26/2004 02:19 AM
Direct and Related
Links for 'WWW File Share Pro HTTP Request DoS Vulnerability'
“nekd0 has reported a vulnerability in WWW File share Pro,
which can be exploited by malicious people to cause a DoS (Denial of
Service)…. The vulnerability has been reported in version 2.60.
Other versions may also be affected. Solution: Filter requests using a
firewall or proxy server. Use another product.”…
[Opera 7] Arbitrary File Delete
Vulnerability
12/23/2003 02:10 PM
:: Operash :: (Dec 22 2003)
Easy File Sharing Web Server
Vulnerability
08/30/2004 02:32 AM
Direct and Related Links for
'Easy File Sharing Web Server Vulnerability'
“Critical: Moderately critical Impact: Exposure of system
information, Exposure of sensitive information Where: From remote
Solution Status: Unpatched. James Bercegay has discovered a
vulnerability in Easy File Sharing Web Server, which can be exploited
by malicious people to access sensitive information. A problem caused
due to insufficient restrictions on the web server’s virtual
folders can be exploited to retrieve arbitrary files from a vulnerable
system. Example: http://[victim]/disk_c The vulnerability has been
confirmed on version 1.25….
bzip2 bombs still causes problems in
antivirus-software
01/09/2004 09:51 PM
Dr. Peter Bieringer (Jan 09 2004)
Microsoft Internet Explorer BMP file
memory DoS vulnerability
04/13/2004 01:58 AM
Arman Nayyeri (Apr 10 2004)
osCommerce File Manager Directory
Traversal Vulnerability
03/22/2005 05:13 PM
Megasky (Mar 22 2005)
RE: Microsoft Outlook Express EML file
Crash vulnerability
04/14/2004 03:47 PM
Kamran Muzaffer (Apr 13 2004)
Jacks FormMail.php remote file access
vulnerability
01/01/2005 06:43 PM
Hack Hawk (Dec 31 2004)
File inclusion and XSS vulnerability in
E-Store Kit-2 PayPal Edition
03/27/2005 07:39 AM
dcrab_at_hackerscenter.com (Mar 25 2005)
Re: osCommerce File Manager Directory
Traversal Vulnerability
03/23/2005 04:53 PM
Aikanáro Calaelen (Mar 22 2005)
Macromedia ColdFusion MX Updater File
Disclosure Vulnerability
04/08/2005 03:42 PM
frSIRT Apr 8 2005 5:26PM GMT
Insecure Temporary File Creation
Vulnerability in Net-Acct
09/08/2004 02:53 PM
Jérôme (Sep 07 2004)
PHP Remote Arbitrary Location File
Upload Vulnerability
12/25/2004 04:47 PM
Community News: File Upload
Vulnerability Posted
12/27/2004 09:08 AM
In a new note from SecurityFocus and
PHP Magazine, another PHP vulnerability has been brought to
light.
php-Calendar File Include Vulnerability
[ Command Exec ]
12/29/2004 02:18 PM
GulfTech Security (Dec 29 2004)
Vulnerability: Arbitrary File Access &
DoS in Crystal Reports
06/08/2004 03:27 PM
Imperva Application Defense Center (Jun 08 2004)
GrokA matches for bzip2 TOCTOU file-permissions vulnerability