shares software vulnerabilities
vulnerabilities.aspcode.net
Searching shares software vulnerabilities
A remote attacker can gain access to a file sys
attacker
|
system
|
access
|
remote
|
using
|
file
|
gain
|
can
|
A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.
The Microsoft Java implementation, as used in I
implementation
|
arbitrary
|
Microsoft
|
attackers
|
Explorer
|
codebase
|
Internet
|
network
|
shares
|
applet
|
allows
|
remote
|
files
|
local
|
used
|
Java
|
read
|
set
|
via
|
tag
|
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.
The default configuration of Xerox DocuTech 611
configuration
|
DocuTech
|
default
|
Xerox
|
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
Unknown vulnerability in redhat-config-nfs befo
redhat-config-nfs
|
vulnerability
|
Unknown
|
before
|
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
KDE 3.2.x and 3.3.0 through 3.3.2, when saving
32x
|
KDE
|
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
Linux VServer 1.27 and earlier, 1.3.9 and earli
VServer
|
Linux
|
Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server.
Sysinternals PsTools before 2.05, including (1)
Sysinternals
|
PsTools
|
before
|
Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping.
fs/exec.c in Linux 2.6, when one thread is trac
fs/execc
|
tracing
|
another
|
service
|
denial
|
memory
|
shares
|
thread
|
users
|
local
|
Linux
|
cause
|
might
|
allow
|
same
|
one
|
map
|
fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.
Software vulnerabilities results 1 to 9 of 9
Page:
1