Searching write software vulnerabilities

NFS allows attackers to read and write any file

specifying | attackers | system | allows | false | write | read | file | UID | NFS | any |

NFS allows attackers to read and write any file on the system by specifying a false UID.


Buffer overflow in /usr/bin/write in Solaris 2.

/usr/bin/write | privileges | argument | terminal | overflow | Solaris | Buffer | allows | string | local | users | name | gain | long | via |

Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.


Slackware Linux 3.4 pkgtool allows local attack

arbitrary | Slackware | attacker | symlink | pkgtool | allows | attack | reply | files | Linux | local | write | file | read | via |

Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.


screen and rxvt in Red Hat Linux 6.0 do not pro

properly | devices | screen | allows | which | write | other | local | users | Linux | modes | rxvt | ttys | Red | Hat | set | not | tty |

screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.


Red Hat Linux 6.0 installs the /dev/pts file sy

installs | /dev/pts | insecure | devices | system | allows | local | write | users | other | Linux | modes | which | file | Red | tty | Hat |

Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.


OpenLDAP 1.2.11 and earlier improperly installs

OpenLDAP |

OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.


Directory traversal vulnerability in Nudester 1

vulnerability | traversal | Directory | Nudester |

Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.


The default configuration of DataWizard FtpXQ 2

configuration | DataWizard | arbitrary | attackers | password | username | includes | default | folder | remote | allows | files | FtpXQ | which | write | read | root |

The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder.


ghostscript before 6.51 allows local users to r

ghostscript | before |

ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.


Charities.cron 1.0.2 through 1.6.0 allows local

Charitiescron |

Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink attack on temporary files.


ROX Filer 1.1.9 and 1.2 is installed with world

Filer | ROX |

ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files.


rsync before 2.6.1 does not properly sanitize p

before | rsync |

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.


Buffer overflow in write_packet in control.c fo

write_packet | arbitrary | attackers | controlc | overflow | execute | remote | Buffer | l2tpd | allow | code | may |

Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.


AFP Server on Mac OS X 10.3.x to 10.3.5, under

Server | 103x | Mac | AFP |

AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.


lppasswd in CUPS 1.1.22 ignores write errors wh

lppasswd | CUPS |

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.


Directory traversal vulnerability in the readFi

vulnerability | writeFile | Directory | traversal | readFile | Maxthon | API |

Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files.


The (1) it87 and (2) via686a drivers in I2C for


The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function.


Buffer overflow in ptrace in the Linux Kernel f

architectures | overflow | Buffer | allows | memory | 64-bit | ptrace | Kernel | write | bytes | Linux | local | users | into |

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.


syslogtocern in Acme thttpd before 2.23 allows

syslogtocern | thttpd | before | Acme |

syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.


Microsoft Windows XP has weak permissions (FILE

permissions | Microsoft | Windows | weak | has |

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.


Software vulnerabilities results 1 to 20 of 231     
Page: 12345...12