|
298871
|
- |
|
google
|
chrome_os
|
Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-2170
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298872
|
- |
|
google
|
chrome_os
|
Google Chrome OS before R12 0.12.433.38 Beta allows local users to gain privileges by creating a /var/lib/chromeos-aliases.conf file and placing commands in it.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2169
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298873
|
- |
|
openbsd
|
openbsd
|
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APP…
|
CWE-189
Numeric Errors
|
CVE-2011-2168
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298874
|
- |
|
dovecot
|
dovecot
|
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a scrip…
|
CWE-22
Path Traversal
|
CVE-2011-2167
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298875
|
- |
|
dovecot
|
dovecot
|
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveragin…
|
CWE-16
Configuration
|
CVE-2011-2166
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298876
|
- |
|
dovecot
|
dovecot
|
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of se…
|
CWE-20
Improper Input Validation
|
CVE-2011-1929
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298877
|
- |
|
apache
|
apr-util
http_server
|
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infi…
|
CWE-399
Resource Management Errors
|
CVE-2011-1928
|
2024-11-21 10:27 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298878
|
- |
|
watchguard
|
xcs
|
The STARTTLS implementation in WatchGuard XCS 9.0 and 9.1 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2165
|
2024-11-21 10:27 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298879
|
- |
|
cmu
|
cyrus_imap_server
|
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1926
|
2024-11-21 10:27 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298880
|
- |
|
netbsd
ihji
|
netbsd
pmake
|
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, re…
|
CWE-59
Link Following
|
CVE-2011-1920
|
2024-11-21 10:27 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
