read write software vulnerabilities
vulnerabilities.aspcode.net
Searching read write software vulnerabilities
NFS allows attackers to read and write any file
specifying
|
attackers
|
system
|
allows
|
false
|
write
|
read
|
file
|
UID
|
NFS
|
any
|
NFS allows attackers to read and write any file on the system by specifying a false UID.
Slackware Linux 3.4 pkgtool allows local attack
arbitrary
|
Slackware
|
attacker
|
symlink
|
pkgtool
|
allows
|
attack
|
reply
|
files
|
Linux
|
local
|
write
|
file
|
read
|
via
|
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
Crosscom/Olicom XLT-F running XL 80 IM Version
Crosscom/Olicom
|
undocumented
|
community
|
attacker
|
default
|
running
|
Version
|
string
|
access
|
'ILMI'
|
allows
|
remote
|
Build
|
XLT-F
|
write
|
Level
|
SNMP
|
read
|
via
|
Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.
Directory traversal vulnerability in Nudester 1
vulnerability
|
traversal
|
Directory
|
Nudester
|
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.
The default configuration of DataWizard FtpXQ 2
configuration
|
DataWizard
|
arbitrary
|
attackers
|
password
|
username
|
includes
|
default
|
folder
|
remote
|
allows
|
files
|
FtpXQ
|
which
|
write
|
read
|
root
|
The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder.
ghostscript before 6.51 allows local users to r
ghostscript
|
before
|
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
Vulnerability in the MIT-SHM extension of the X
Vulnerability
|
extension
|
MIT-SHM
|
server
|
Linux
|
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.
simpleinit on Linux systems does not close a re
read/write
|
descriptor
|
simpleinit
|
privileges
|
arbitrary
|
creating
|
programs
|
process
|
systems
|
execute
|
allows
|
before
|
cause
|
close
|
Linux
|
child
|
which
|
root
|
does
|
FIFO
|
file
|
not
|
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.
Unknown vulnerability or vulnerabilities in HP
vulnerabilities
|
vulnerability
|
OpenView
|
EMANATE
|
Unknown
|
Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.
Microsoft Internet Information Server (IIS) 4.0
Information
|
Microsoft
|
Internet
|
Server
|
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.
Linksys WAP55AG 1.07 allows remote attackers wi
WAP55AG
|
Linksys
|
Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.
rsync before 2.6.1 does not properly sanitize p
before
|
rsync
|
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.
Directory traversal vulnerability in the saniti
vulnerability
|
sanitize_path
|
Directory
|
traversal
|
function
|
rsync
|
utilc
|
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
Unknown vulnerability in the SG_IO functionalit
functionality
|
vulnerability
|
unauthorized
|
operations
|
read-only
|
Unknown
|
perform
|
access
|
bypass
|
ide-cd
|
allows
|
erase
|
write
|
SG_IO
|
local
|
users
|
Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations.
AFP Server on Mac OS X 10.3.x to 10.3.5, under
Server
|
103x
|
Mac
|
AFP
|
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.
Cisco VACM (View-based Access Control MIB) for
Cisco
|
VACM
|
Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.
Race condition in the sysfs_read_file and sysfs
sysfs_write_file
|
sysfs_read_file
|
functions
|
condition
|
kernel
|
before
|
Linux
|
Race
|
Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.
Directory traversal vulnerability in the readFi
vulnerability
|
writeFile
|
Directory
|
traversal
|
readFile
|
Maxthon
|
API
|
Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files.
lharc.c in lha does not securely create tempora
temporary
|
creating
|
securely
|
invoked
|
lharcc
|
create
|
before
|
local
|
users
|
write
|
allow
|
files
|
which
|
might
|
file
|
does
|
read
|
lha
|
not
|
lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
The SNMP implementation in the Cisco Wireless L
implementation
|
Controller
|
Wireless
|
Cisco
|
SNMP
|
LAN
|
The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before Thursday, April 19, 2007 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384.
Software vulnerabilities results 1 to 20 of 1537
Page:
1
2
3
4
5
...
77
►