Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rpath vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2017-13130
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
Bmc Patrol -
641
VMScore
CVE-2008-1078
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
Rpath Rpath Linux
Gentoo Linux
641
VMScore
CVE-2007-0536
The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.
Rpath Rpath Linux 1
641
VMScore
CVE-2005-4595
Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory.
Gentoo Nview 4.51
Gentoo Xnview 1.70
614
VMScore
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
614
VMScore
CVE-2008-3279
Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Mielke Brltty 3.7.2
614
VMScore
CVE-2008-4832
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: expl...
Rpath Initscripts 8.56.15-0.1
Rpath Initscripts 8.12-8.21
614
VMScore
CVE-2007-5194
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain root privileges.
Rpath Rmake 1.0.11
578
VMScore
CVE-2008-2139
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate malicious users to gain privileges and maintain c...
Rpath Appliance Platform Agent 2
Rpath Appliance Platform Agent 3
445
VMScore
CVE-2008-3139
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 up to and including 1.0.0 allows remote malicious users to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
Rpath Rpath Linux 1
Wireshark Wireshark 0.9.5
Wireshark Wireshark 0.99.8
Wireshark Wireshark 1.0
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.3
Wireshark Wireshark 1.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »