[CLOSE] OSVDB ID : 11834 - Disclosed: 2004-11-15

Description:

(Description Provided by CVE) : fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.

[CLOSE] OSVDB ID : 11835 - Disclosed: 2004-11-15

Description:

(Description Provided by CVE) : fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.

[CLOSE] OSVDB ID : 11836 - Disclosed: 2004-11-15

Description:

(Description Provided by CVE) : fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string.

[CLOSE] OSVDB ID : 11837 - Disclosed: 2004-11-15

Description:

(Description Provided by CVE) : Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.

[CLOSE] OSVDB ID : 11555 - Disclosed: 2004-11-09

Description:

Samba server contains a flaw in ms_fnmatch.c that may allow a malicious user to cause a denial of service. The issue is triggered when a request is made for a resource which contains multiple wildcard characters; this causes the server to fall into a loop whose size grows exponentially with the number of wildcard characters used. It is possible that the flaw may allow a remote server crash, resulting in a loss of availability.

[CLOSE] OSVDB ID : 10464 - Disclosed: 2004-09-30

Description:

Samba contains a flaw that allows a remote attacker to gain access to files outside of the share path under the privileges of the user. With a specifically crafted request, an attacker could potentially access files outside the share's root. The issue is due to the unix_convert() and check_name() functions not properly sanitizing user input supplied via the GET, PUT and DIR commands. Samba treats the resulting input as an absolute path rather than relative path to the share.

[CLOSE] OSVDB ID : 6107 - Disclosed: 2004-05-12

Description:

Several browsers contain a flaw that may allow a remote attacker arbitrary file manipulation. The issue is triggered when a specially crafted telnet URI is parsed by the browser resulting in a loss of integrity.