Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rpath vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2007-5686
initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents s...
Rpath Rpath Linux 1
2 Github repositories
7.2
CVSSv2
CVE-2007-0536
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.
Rpath Rpath Linux 1
7.2
CVSSv2
CVE-2008-1078
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
Rpath Rpath Linux
Gentoo Linux
6.9
CVSSv2
CVE-2008-4832
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: expl...
Rpath Initscripts 8.56.15-0.1
Rpath Initscripts 8.12-8.21
6.5
CVSSv2
CVE-2008-2139
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate malicious users to gain privileges and maintain c...
Rpath Appliance Platform Agent 2
Rpath Appliance Platform Agent 3
2.6
CVSSv2
CVE-2008-2140
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote malicious users to reset the root password as the administrator via a crafted URL.
Rpath Appliance Platform Agent 2
Rpath Appliance Platform Agent 3
6.9
CVSSv2
CVE-2007-5194
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.
Rpath Rmake 1.0.11
5
CVSSv2
CVE-2008-3139
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 up to and including 1.0.0 allows remote malicious users to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
Rpath Rpath Linux 1
Wireshark Wireshark 0.9.5
Wireshark Wireshark 0.99.8
Wireshark Wireshark 1.0
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.3
Wireshark Wireshark 1.0.0
5
CVSSv2
CVE-2008-3138
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 up to and including 1.0.0 allow remote malicious users to cause a denial of service (application stop) via unknown vectors.
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.5
Rpath Rpath Linux 1
Wireshark Wireshark 0.99.8
Wireshark Wireshark 1.0
Wireshark Wireshark 0.9.5
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.3
Wireshark Wireshark 1.0.0
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.99.7
7.1
CVSSv2
CVE-2007-5962
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote malicious users to cause a denial of service (memory consumption) via a large number of CWD comm...
Redhat Enterprise Linux 5.0
Redhat Fedora 6
Redhat Fedora 7
Redhat Fedora 8
Foresight Linux Appliances
Rpath Appliance Platform Agent
3 EDB exploits
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »