Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for messaging_storage_server by avaya

    CVE-2009-0115 (GCVE-0-2009-0115)

    Vulnerability from nvd – Published: 2009-03-30 16:00 – Updated: 2024-08-07 04:24
    VLAI
    Summary
    The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/34759 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/38794 third-party-advisoryx_refsource_SECUNIA
    http://lists.vmware.com/pipermail/security-announ… mailing-listx_refsource_MLIST
    http://www.debian.org/security/2009/dsa-1767 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/34642 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34694 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/34418 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34710 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://launchpad.net/bugs/cve/2009-0115 x_refsource_MISC
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://kb.juniper.net/InfoCenter/index?page=conte… x_refsource_CONFIRM
    http://kb.juniper.net/InfoCenter/index?page=conte… x_refsource_CONFIRM
    http://download.opensuse.org/update/10.3-test/rep… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/0528 vdb-entryx_refsource_VUPEN
    Date Public
    2009-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:24:17.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SR:2009:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
              },
              {
                "name": "34759",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34759"
              },
              {
                "name": "38794",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38794"
              },
              {
                "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
              },
              {
                "name": "DSA-1767",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1767"
              },
              {
                "name": "34642",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34642"
              },
              {
                "name": "34694",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34694"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
              },
              {
                "name": "34418",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34418"
              },
              {
                "name": "34710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34710"
              },
              {
                "name": "FEDORA-2009-3453",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
              },
              {
                "name": "SUSE-SR:2009:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://launchpad.net/bugs/cve/2009-0115"
              },
              {
                "name": "oval:org.mitre.oval:def:9214",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
              },
              {
                "name": "FEDORA-2009-3449",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
              },
              {
                "name": "ADV-2010-0528",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0528"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SUSE-SR:2009:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
            },
            {
              "name": "34759",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34759"
            },
            {
              "name": "38794",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38794"
            },
            {
              "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
            },
            {
              "name": "DSA-1767",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1767"
            },
            {
              "name": "34642",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34642"
            },
            {
              "name": "34694",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34694"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
            },
            {
              "name": "34418",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34418"
            },
            {
              "name": "34710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34710"
            },
            {
              "name": "FEDORA-2009-3453",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
            },
            {
              "name": "SUSE-SR:2009:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://launchpad.net/bugs/cve/2009-0115"
            },
            {
              "name": "oval:org.mitre.oval:def:9214",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
            },
            {
              "name": "FEDORA-2009-3449",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
            },
            {
              "name": "ADV-2010-0528",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0528"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-0115",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SUSE-SR:2009:007",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
                },
                {
                  "name": "34759",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34759"
                },
                {
                  "name": "38794",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38794"
                },
                {
                  "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
                  "refsource": "MLIST",
                  "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
                },
                {
                  "name": "DSA-1767",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1767"
                },
                {
                  "name": "34642",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34642"
                },
                {
                  "name": "34694",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34694"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
                },
                {
                  "name": "34418",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34418"
                },
                {
                  "name": "34710",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34710"
                },
                {
                  "name": "FEDORA-2009-3453",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
                },
                {
                  "name": "SUSE-SR:2009:008",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
                },
                {
                  "name": "http://launchpad.net/bugs/cve/2009-0115",
                  "refsource": "MISC",
                  "url": "http://launchpad.net/bugs/cve/2009-0115"
                },
                {
                  "name": "oval:org.mitre.oval:def:9214",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
                },
                {
                  "name": "FEDORA-2009-3449",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
                },
                {
                  "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
                  "refsource": "CONFIRM",
                  "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
                },
                {
                  "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
                  "refsource": "CONFIRM",
                  "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
                },
                {
                  "name": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml",
                  "refsource": "CONFIRM",
                  "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
                },
                {
                  "name": "ADV-2010-0528",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0528"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-0115",
        "datePublished": "2009-03-30T16:00:00.000Z",
        "dateReserved": "2009-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:24:17.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-2812 (GCVE-0-2008-2812)

    Vulnerability from nvd – Published: 2008-07-09 00:00 – Updated: 2024-08-07 09:14
    VLAI
    Summary
    The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.debian.org/security/2008/dsa-1630 vendor-advisoryx_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2008/2063… vdb-entryx_refsource_VUPEN
    http://git.kernel.org/?p=linux/kernel/git/stable/… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://usn.ubuntu.com/637-1/ vendor-advisoryx_refsource_UBUNTU
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.openwall.com/lists/oss-security/2008/07/03/2 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/31614 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31685 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31341 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/30982 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/31551 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32103 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31048 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/30076 vdb-entryx_refsource_BID
    http://secunia.com/advisories/32759 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/32370 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.redhat.com/support/errata/RHSA-2008-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/31202 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://kernel.org/pub/linux/kernel/v2.6/ChangeLog… x_refsource_CONFIRM
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/33201 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31229 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-07-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:14:14.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2008:047",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html"
              },
              {
                "name": "DSA-1630",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1630"
              },
              {
                "name": "ADV-2008-2063",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2063/references"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788"
              },
              {
                "name": "SUSE-SA:2008:038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html"
              },
              {
                "name": "USN-637-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/637-1/"
              },
              {
                "name": "SUSE-SA:2008:035",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html"
              },
              {
                "name": "[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2008/07/03/2"
              },
              {
                "name": "31614",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31614"
              },
              {
                "name": "31685",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31685"
              },
              {
                "name": "31341",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31341"
              },
              {
                "name": "SUSE-SA:2008:052",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html"
              },
              {
                "name": "30982",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30982"
              },
              {
                "name": "oval:org.mitre.oval:def:11632",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632"
              },
              {
                "name": "31551",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31551"
              },
              {
                "name": "RHSA-2008:0665",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0665.html"
              },
              {
                "name": "32103",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32103"
              },
              {
                "name": "31048",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31048"
              },
              {
                "name": "30076",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30076"
              },
              {
                "name": "32759",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32759"
              },
              {
                "name": "kernel-tty-dos(43687)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687"
              },
              {
                "name": "SUSE-SA:2008:037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html"
              },
              {
                "name": "32370",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32370"
              },
              {
                "name": "RHSA-2008:0973",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0973.html"
              },
              {
                "name": "RHSA-2008:0612",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0612.html"
              },
              {
                "name": "31202",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31202"
              },
              {
                "name": "oval:org.mitre.oval:def:6633",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm"
              },
              {
                "name": "SUSE-SA:2008:049",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html"
              },
              {
                "name": "SUSE-SR:2008:025",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
              },
              {
                "name": "33201",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33201"
              },
              {
                "name": "31229",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31229"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "SUSE-SA:2008:047",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html"
            },
            {
              "name": "DSA-1630",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1630"
            },
            {
              "name": "ADV-2008-2063",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2063/references"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788"
            },
            {
              "name": "SUSE-SA:2008:038",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html"
            },
            {
              "name": "USN-637-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/637-1/"
            },
            {
              "name": "SUSE-SA:2008:035",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html"
            },
            {
              "name": "[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2008/07/03/2"
            },
            {
              "name": "31614",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31614"
            },
            {
              "name": "31685",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31685"
            },
            {
              "name": "31341",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31341"
            },
            {
              "name": "SUSE-SA:2008:052",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html"
            },
            {
              "name": "30982",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30982"
            },
            {
              "name": "oval:org.mitre.oval:def:11632",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632"
            },
            {
              "name": "31551",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31551"
            },
            {
              "name": "RHSA-2008:0665",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0665.html"
            },
            {
              "name": "32103",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32103"
            },
            {
              "name": "31048",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31048"
            },
            {
              "name": "30076",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30076"
            },
            {
              "name": "32759",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32759"
            },
            {
              "name": "kernel-tty-dos(43687)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687"
            },
            {
              "name": "SUSE-SA:2008:037",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html"
            },
            {
              "name": "32370",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32370"
            },
            {
              "name": "RHSA-2008:0973",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0973.html"
            },
            {
              "name": "RHSA-2008:0612",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0612.html"
            },
            {
              "name": "31202",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31202"
            },
            {
              "name": "oval:org.mitre.oval:def:6633",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm"
            },
            {
              "name": "SUSE-SA:2008:049",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html"
            },
            {
              "name": "SUSE-SR:2008:025",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
            },
            {
              "name": "33201",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33201"
            },
            {
              "name": "31229",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31229"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-2812",
        "datePublished": "2008-07-09T00:00:00.000Z",
        "dateReserved": "2008-06-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:14:14.939Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3081 (GCVE-0-2008-3081)

    Vulnerability from nvd – Published: 2008-07-09 00:00 – Updated: 2024-08-07 09:21
    VLAI
    Summary
    Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-06-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:21:35.011Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "29938",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/29938"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=92"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=104"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=98"
              },
              {
                "name": "avaya-mss-ftpstorage-command-execution(43424)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43424"
              },
              {
                "name": "ADV-2008-1945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/1945/references"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=94"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=93"
              },
              {
                "name": "avaya-mss-tcpip-command-execution(43422)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43422"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=97"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=102"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm"
              },
              {
                "name": "46587",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/46587"
              },
              {
                "name": "30777",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30777"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=101"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=99"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=95"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=103"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=96"
              },
              {
                "name": "avaya-mss-nameserver-command-execution(43423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43423"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-06-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified \"input validation\" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "29938",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/29938"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=92"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=104"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=98"
            },
            {
              "name": "avaya-mss-ftpstorage-command-execution(43424)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43424"
            },
            {
              "name": "ADV-2008-1945",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1945/references"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=94"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=93"
            },
            {
              "name": "avaya-mss-tcpip-command-execution(43422)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43422"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=97"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=102"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm"
            },
            {
              "name": "46587",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/46587"
            },
            {
              "name": "30777",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30777"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=101"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=99"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=95"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=103"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=96"
            },
            {
              "name": "avaya-mss-nameserver-command-execution(43423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43423"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified \"input validation\" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "29938",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/29938"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=92",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=92"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=104",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=104"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=98",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=98"
                },
                {
                  "name": "avaya-mss-ftpstorage-command-execution(43424)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43424"
                },
                {
                  "name": "ADV-2008-1945",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/1945/references"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=94",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=94"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=93",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=93"
                },
                {
                  "name": "avaya-mss-tcpip-command-execution(43422)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43422"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=100",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=100"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=97",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=97"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=102",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=102"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm"
                },
                {
                  "name": "46587",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/46587"
                },
                {
                  "name": "30777",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30777"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=101",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=101"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=99",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=99"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=95",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=95"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=103",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=103"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=96",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=96"
                },
                {
                  "name": "avaya-mss-nameserver-command-execution(43423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43423"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3081",
        "datePublished": "2008-07-09T00:00:00.000Z",
        "dateReserved": "2008-07-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:21:35.011Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5830 (GCVE-0-2007-5830)

    Vulnerability from nvd – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47
    VLAI
    Summary
    Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://osvdb.org/38482 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/27505 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/26295 vdb-entryx_refsource_BID
    Date Public
    2007-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:47:00.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm"
              },
              {
                "name": "38482",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38482"
              },
              {
                "name": "27505",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27505"
              },
              {
                "name": "26295",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26295"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to \"input validation.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-11-09T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm"
            },
            {
              "name": "38482",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38482"
            },
            {
              "name": "27505",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27505"
            },
            {
              "name": "26295",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26295"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5830",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to \"input validation.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm"
                },
                {
                  "name": "38482",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38482"
                },
                {
                  "name": "27505",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27505"
                },
                {
                  "name": "26295",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26295"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5830",
        "datePublished": "2007-11-05T19:00:00.000Z",
        "dateReserved": "2007-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:47:00.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1058 (GCVE-0-2006-1058)

    Vulnerability from nvd – Published: 2006-04-04 10:00 – Updated: 2024-08-07 16:56
    VLAI
    Summary
    BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/25098 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/17330 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/19477 third-party-advisoryx_refsource_SECUNIA
    http://bugs.busybox.net/view.php?id=604 x_refsource_CONFIRM
    http://secunia.com/advisories/25848 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.redhat.com/support/errata/RHSA-2007-02… vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2005-12-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:56:15.493Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "25098",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25098"
              },
              {
                "name": "17330",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17330"
              },
              {
                "name": "oval:org.mitre.oval:def:9483",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483"
              },
              {
                "name": "19477",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19477"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.busybox.net/view.php?id=604"
              },
              {
                "name": "25848",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25848"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm"
              },
              {
                "name": "RHSA-2007:0244",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0244.html"
              },
              {
                "name": "busybox-passwd-weak-security(25569)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25569"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-12-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "25098",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25098"
            },
            {
              "name": "17330",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17330"
            },
            {
              "name": "oval:org.mitre.oval:def:9483",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483"
            },
            {
              "name": "19477",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19477"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.busybox.net/view.php?id=604"
            },
            {
              "name": "25848",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25848"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm"
            },
            {
              "name": "RHSA-2007:0244",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0244.html"
            },
            {
              "name": "busybox-passwd-weak-security(25569)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25569"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-1058",
        "datePublished": "2006-04-04T10:00:00.000Z",
        "dateReserved": "2006-03-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:56:15.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1494 (GCVE-0-2001-1494)

    Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
    VLAI
    Summary
    script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16280 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2005-782.html vendor-advisoryx_refsource_REDHAT
    http://seclists.org/bugtraq/2001/Dec/0123.html mailing-listx_refsource_BUGTRAQ
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://seclists.org/bugtraq/2001/Dec/0122.html mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/16785 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_MISC
    http://secunia.com/advisories/18502 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2001-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:58:11.298Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16280"
              },
              {
                "name": "RHSA-2005:782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-782.html"
              },
              {
                "name": "20011212 Silly \u0027script\u0027 hardlink bug",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2001/Dec/0123.html"
              },
              {
                "name": "oval:org.mitre.oval:def:10723",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723"
              },
              {
                "name": "20011213 Silly \u0027script\u0027 hardlink bug - fixed",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2001/Dec/0122.html"
              },
              {
                "name": "16785",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16785"
              },
              {
                "name": "util-linux-script-hardlink(7718)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7718"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
              },
              {
                "name": "18502",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18502"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16280",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16280"
            },
            {
              "name": "RHSA-2005:782",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-782.html"
            },
            {
              "name": "20011212 Silly \u0027script\u0027 hardlink bug",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2001/Dec/0123.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10723",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723"
            },
            {
              "name": "20011213 Silly \u0027script\u0027 hardlink bug - fixed",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2001/Dec/0122.html"
            },
            {
              "name": "16785",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16785"
            },
            {
              "name": "util-linux-script-hardlink(7718)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7718"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
            },
            {
              "name": "18502",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18502"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1494",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16280",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16280"
                },
                {
                  "name": "RHSA-2005:782",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-782.html"
                },
                {
                  "name": "20011212 Silly \u0027script\u0027 hardlink bug",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2001/Dec/0123.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:10723",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723"
                },
                {
                  "name": "20011213 Silly \u0027script\u0027 hardlink bug - fixed",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2001/Dec/0122.html"
                },
                {
                  "name": "16785",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16785"
                },
                {
                  "name": "util-linux-script-hardlink(7718)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7718"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm",
                  "refsource": "MISC",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
                },
                {
                  "name": "18502",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18502"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1494",
        "datePublished": "2005-06-21T04:00:00.000Z",
        "dateReserved": "2005-06-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:58:11.298Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0115 (GCVE-0-2009-0115)

    Vulnerability from cvelistv5 – Published: 2009-03-30 16:00 – Updated: 2024-08-07 04:24
    VLAI
    Summary
    The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/34759 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/38794 third-party-advisoryx_refsource_SECUNIA
    http://lists.vmware.com/pipermail/security-announ… mailing-listx_refsource_MLIST
    http://www.debian.org/security/2009/dsa-1767 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/34642 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34694 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://secunia.com/advisories/34418 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34710 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://launchpad.net/bugs/cve/2009-0115 x_refsource_MISC
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://kb.juniper.net/InfoCenter/index?page=conte… x_refsource_CONFIRM
    http://kb.juniper.net/InfoCenter/index?page=conte… x_refsource_CONFIRM
    http://download.opensuse.org/update/10.3-test/rep… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2010/0528 vdb-entryx_refsource_VUPEN
    Date Public
    2009-03-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:24:17.823Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SR:2009:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
              },
              {
                "name": "34759",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34759"
              },
              {
                "name": "38794",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38794"
              },
              {
                "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
              },
              {
                "name": "DSA-1767",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1767"
              },
              {
                "name": "34642",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34642"
              },
              {
                "name": "34694",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34694"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
              },
              {
                "name": "34418",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34418"
              },
              {
                "name": "34710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34710"
              },
              {
                "name": "FEDORA-2009-3453",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
              },
              {
                "name": "SUSE-SR:2009:008",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://launchpad.net/bugs/cve/2009-0115"
              },
              {
                "name": "oval:org.mitre.oval:def:9214",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
              },
              {
                "name": "FEDORA-2009-3449",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
              },
              {
                "name": "ADV-2010-0528",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0528"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-03-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SUSE-SR:2009:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
            },
            {
              "name": "34759",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34759"
            },
            {
              "name": "38794",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38794"
            },
            {
              "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
            },
            {
              "name": "DSA-1767",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1767"
            },
            {
              "name": "34642",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34642"
            },
            {
              "name": "34694",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34694"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
            },
            {
              "name": "34418",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34418"
            },
            {
              "name": "34710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34710"
            },
            {
              "name": "FEDORA-2009-3453",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
            },
            {
              "name": "SUSE-SR:2009:008",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://launchpad.net/bugs/cve/2009-0115"
            },
            {
              "name": "oval:org.mitre.oval:def:9214",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
            },
            {
              "name": "FEDORA-2009-3449",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
            },
            {
              "name": "ADV-2010-0528",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0528"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-0115",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SUSE-SR:2009:007",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
                },
                {
                  "name": "34759",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34759"
                },
                {
                  "name": "38794",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38794"
                },
                {
                  "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
                  "refsource": "MLIST",
                  "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
                },
                {
                  "name": "DSA-1767",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1767"
                },
                {
                  "name": "34642",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34642"
                },
                {
                  "name": "34694",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34694"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
                },
                {
                  "name": "34418",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34418"
                },
                {
                  "name": "34710",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34710"
                },
                {
                  "name": "FEDORA-2009-3453",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
                },
                {
                  "name": "SUSE-SR:2009:008",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
                },
                {
                  "name": "http://launchpad.net/bugs/cve/2009-0115",
                  "refsource": "MISC",
                  "url": "http://launchpad.net/bugs/cve/2009-0115"
                },
                {
                  "name": "oval:org.mitre.oval:def:9214",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
                },
                {
                  "name": "FEDORA-2009-3449",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
                },
                {
                  "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
                  "refsource": "CONFIRM",
                  "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
                },
                {
                  "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
                  "refsource": "CONFIRM",
                  "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
                },
                {
                  "name": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml",
                  "refsource": "CONFIRM",
                  "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
                },
                {
                  "name": "ADV-2010-0528",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0528"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-0115",
        "datePublished": "2009-03-30T16:00:00.000Z",
        "dateReserved": "2009-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:24:17.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-2812 (GCVE-0-2008-2812)

    Vulnerability from cvelistv5 – Published: 2008-07-09 00:00 – Updated: 2024-08-07 09:14
    VLAI
    Summary
    The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.debian.org/security/2008/dsa-1630 vendor-advisoryx_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2008/2063… vdb-entryx_refsource_VUPEN
    http://git.kernel.org/?p=linux/kernel/git/stable/… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    https://usn.ubuntu.com/637-1/ vendor-advisoryx_refsource_UBUNTU
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.openwall.com/lists/oss-security/2008/07/03/2 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/31614 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31685 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31341 third-party-advisoryx_refsource_SECUNIA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/30982 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/31551 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32103 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31048 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/30076 vdb-entryx_refsource_BID
    http://secunia.com/advisories/32759 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/32370 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.redhat.com/support/errata/RHSA-2008-06… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/31202 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://kernel.org/pub/linux/kernel/v2.6/ChangeLog… x_refsource_CONFIRM
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/33201 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/31229 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2008-07-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:14:14.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2008:047",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html"
              },
              {
                "name": "DSA-1630",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1630"
              },
              {
                "name": "ADV-2008-2063",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2063/references"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788"
              },
              {
                "name": "SUSE-SA:2008:038",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html"
              },
              {
                "name": "USN-637-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/637-1/"
              },
              {
                "name": "SUSE-SA:2008:035",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html"
              },
              {
                "name": "[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2008/07/03/2"
              },
              {
                "name": "31614",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31614"
              },
              {
                "name": "31685",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31685"
              },
              {
                "name": "31341",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31341"
              },
              {
                "name": "SUSE-SA:2008:052",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html"
              },
              {
                "name": "30982",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30982"
              },
              {
                "name": "oval:org.mitre.oval:def:11632",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632"
              },
              {
                "name": "31551",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31551"
              },
              {
                "name": "RHSA-2008:0665",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0665.html"
              },
              {
                "name": "32103",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32103"
              },
              {
                "name": "31048",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31048"
              },
              {
                "name": "30076",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/30076"
              },
              {
                "name": "32759",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32759"
              },
              {
                "name": "kernel-tty-dos(43687)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687"
              },
              {
                "name": "SUSE-SA:2008:037",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html"
              },
              {
                "name": "32370",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32370"
              },
              {
                "name": "RHSA-2008:0973",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0973.html"
              },
              {
                "name": "RHSA-2008:0612",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0612.html"
              },
              {
                "name": "31202",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31202"
              },
              {
                "name": "oval:org.mitre.oval:def:6633",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm"
              },
              {
                "name": "SUSE-SA:2008:049",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html"
              },
              {
                "name": "SUSE-SR:2008:025",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
              },
              {
                "name": "33201",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33201"
              },
              {
                "name": "31229",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/31229"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "SUSE-SA:2008:047",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html"
            },
            {
              "name": "DSA-1630",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1630"
            },
            {
              "name": "ADV-2008-2063",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2063/references"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788"
            },
            {
              "name": "SUSE-SA:2008:038",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html"
            },
            {
              "name": "USN-637-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/637-1/"
            },
            {
              "name": "SUSE-SA:2008:035",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html"
            },
            {
              "name": "[oss-security] 20080703 2.6.25.10 security fixes, please assign CVE id",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2008/07/03/2"
            },
            {
              "name": "31614",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31614"
            },
            {
              "name": "31685",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31685"
            },
            {
              "name": "31341",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31341"
            },
            {
              "name": "SUSE-SA:2008:052",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html"
            },
            {
              "name": "30982",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30982"
            },
            {
              "name": "oval:org.mitre.oval:def:11632",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11632"
            },
            {
              "name": "31551",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31551"
            },
            {
              "name": "RHSA-2008:0665",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0665.html"
            },
            {
              "name": "32103",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32103"
            },
            {
              "name": "31048",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31048"
            },
            {
              "name": "30076",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/30076"
            },
            {
              "name": "32759",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32759"
            },
            {
              "name": "kernel-tty-dos(43687)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43687"
            },
            {
              "name": "SUSE-SA:2008:037",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html"
            },
            {
              "name": "32370",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32370"
            },
            {
              "name": "RHSA-2008:0973",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0973.html"
            },
            {
              "name": "RHSA-2008:0612",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0612.html"
            },
            {
              "name": "31202",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31202"
            },
            {
              "name": "oval:org.mitre.oval:def:6633",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6633"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm"
            },
            {
              "name": "SUSE-SA:2008:049",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html"
            },
            {
              "name": "SUSE-SR:2008:025",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
            },
            {
              "name": "33201",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33201"
            },
            {
              "name": "31229",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/31229"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-2812",
        "datePublished": "2008-07-09T00:00:00.000Z",
        "dateReserved": "2008-06-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:14:14.939Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3081 (GCVE-0-2008-3081)

    Vulnerability from cvelistv5 – Published: 2008-07-09 00:00 – Updated: 2024-08-07 09:21
    VLAI
    Summary
    Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-06-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:21:35.011Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "29938",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/29938"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=92"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=104"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=98"
              },
              {
                "name": "avaya-mss-ftpstorage-command-execution(43424)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43424"
              },
              {
                "name": "ADV-2008-1945",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/1945/references"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=94"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=93"
              },
              {
                "name": "avaya-mss-tcpip-command-execution(43422)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43422"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=97"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=102"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm"
              },
              {
                "name": "46587",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/46587"
              },
              {
                "name": "30777",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30777"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=101"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=99"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=95"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=103"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.voipshield.com/research-details.php?id=96"
              },
              {
                "name": "avaya-mss-nameserver-command-execution(43423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43423"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-06-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified \"input validation\" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "29938",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/29938"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=92"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=104"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=98"
            },
            {
              "name": "avaya-mss-ftpstorage-command-execution(43424)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43424"
            },
            {
              "name": "ADV-2008-1945",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1945/references"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=94"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=93"
            },
            {
              "name": "avaya-mss-tcpip-command-execution(43422)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43422"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=97"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=102"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm"
            },
            {
              "name": "46587",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/46587"
            },
            {
              "name": "30777",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30777"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=101"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=99"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=95"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=103"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.voipshield.com/research-details.php?id=96"
            },
            {
              "name": "avaya-mss-nameserver-command-execution(43423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43423"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified \"input validation\" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "29938",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/29938"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=92",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=92"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=104",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=104"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=98",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=98"
                },
                {
                  "name": "avaya-mss-ftpstorage-command-execution(43424)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43424"
                },
                {
                  "name": "ADV-2008-1945",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/1945/references"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=94",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=94"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=93",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=93"
                },
                {
                  "name": "avaya-mss-tcpip-command-execution(43422)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43422"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=100",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=100"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=97",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=97"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=102",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=102"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-269.htm"
                },
                {
                  "name": "46587",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/46587"
                },
                {
                  "name": "30777",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30777"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=101",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=101"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=99",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=99"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=95",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=95"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=103",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=103"
                },
                {
                  "name": "http://www.voipshield.com/research-details.php?id=96",
                  "refsource": "MISC",
                  "url": "http://www.voipshield.com/research-details.php?id=96"
                },
                {
                  "name": "avaya-mss-nameserver-command-execution(43423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43423"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3081",
        "datePublished": "2008-07-09T00:00:00.000Z",
        "dateReserved": "2008-07-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:21:35.011Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5830 (GCVE-0-2007-5830)

    Vulnerability from cvelistv5 – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47
    VLAI
    Summary
    Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://osvdb.org/38482 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/27505 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/26295 vdb-entryx_refsource_BID
    Date Public
    2007-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:47:00.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm"
              },
              {
                "name": "38482",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38482"
              },
              {
                "name": "27505",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27505"
              },
              {
                "name": "26295",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26295"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to \"input validation.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-11-09T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm"
            },
            {
              "name": "38482",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38482"
            },
            {
              "name": "27505",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27505"
            },
            {
              "name": "26295",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26295"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5830",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to \"input validation.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm"
                },
                {
                  "name": "38482",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38482"
                },
                {
                  "name": "27505",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27505"
                },
                {
                  "name": "26295",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26295"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5830",
        "datePublished": "2007-11-05T19:00:00.000Z",
        "dateReserved": "2007-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:47:00.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1058 (GCVE-0-2006-1058)

    Vulnerability from cvelistv5 – Published: 2006-04-04 10:00 – Updated: 2024-08-07 16:56
    VLAI
    Summary
    BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/25098 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/17330 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/19477 third-party-advisoryx_refsource_SECUNIA
    http://bugs.busybox.net/view.php?id=604 x_refsource_CONFIRM
    http://secunia.com/advisories/25848 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.redhat.com/support/errata/RHSA-2007-02… vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2005-12-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:56:15.493Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "25098",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25098"
              },
              {
                "name": "17330",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17330"
              },
              {
                "name": "oval:org.mitre.oval:def:9483",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483"
              },
              {
                "name": "19477",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19477"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.busybox.net/view.php?id=604"
              },
              {
                "name": "25848",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25848"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm"
              },
              {
                "name": "RHSA-2007:0244",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0244.html"
              },
              {
                "name": "busybox-passwd-weak-security(25569)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25569"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-12-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "25098",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25098"
            },
            {
              "name": "17330",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17330"
            },
            {
              "name": "oval:org.mitre.oval:def:9483",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9483"
            },
            {
              "name": "19477",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19477"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.busybox.net/view.php?id=604"
            },
            {
              "name": "25848",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25848"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-250.htm"
            },
            {
              "name": "RHSA-2007:0244",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0244.html"
            },
            {
              "name": "busybox-passwd-weak-security(25569)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25569"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-1058",
        "datePublished": "2006-04-04T10:00:00.000Z",
        "dateReserved": "2006-03-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:56:15.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1494 (GCVE-0-2001-1494)

    Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
    VLAI
    Summary
    script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16280 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2005-782.html vendor-advisoryx_refsource_REDHAT
    http://seclists.org/bugtraq/2001/Dec/0123.html mailing-listx_refsource_BUGTRAQ
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://seclists.org/bugtraq/2001/Dec/0122.html mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/16785 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_MISC
    http://secunia.com/advisories/18502 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2001-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:58:11.298Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16280"
              },
              {
                "name": "RHSA-2005:782",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-782.html"
              },
              {
                "name": "20011212 Silly \u0027script\u0027 hardlink bug",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2001/Dec/0123.html"
              },
              {
                "name": "oval:org.mitre.oval:def:10723",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723"
              },
              {
                "name": "20011213 Silly \u0027script\u0027 hardlink bug - fixed",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://seclists.org/bugtraq/2001/Dec/0122.html"
              },
              {
                "name": "16785",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16785"
              },
              {
                "name": "util-linux-script-hardlink(7718)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7718"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
              },
              {
                "name": "18502",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18502"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16280",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16280"
            },
            {
              "name": "RHSA-2005:782",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-782.html"
            },
            {
              "name": "20011212 Silly \u0027script\u0027 hardlink bug",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2001/Dec/0123.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10723",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723"
            },
            {
              "name": "20011213 Silly \u0027script\u0027 hardlink bug - fixed",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://seclists.org/bugtraq/2001/Dec/0122.html"
            },
            {
              "name": "16785",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16785"
            },
            {
              "name": "util-linux-script-hardlink(7718)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7718"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
            },
            {
              "name": "18502",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18502"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1494",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16280",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16280"
                },
                {
                  "name": "RHSA-2005:782",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-782.html"
                },
                {
                  "name": "20011212 Silly \u0027script\u0027 hardlink bug",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2001/Dec/0123.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:10723",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10723"
                },
                {
                  "name": "20011213 Silly \u0027script\u0027 hardlink bug - fixed",
                  "refsource": "BUGTRAQ",
                  "url": "http://seclists.org/bugtraq/2001/Dec/0122.html"
                },
                {
                  "name": "16785",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16785"
                },
                {
                  "name": "util-linux-script-hardlink(7718)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7718"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm",
                  "refsource": "MISC",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm"
                },
                {
                  "name": "18502",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18502"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1494",
        "datePublished": "2005-06-21T04:00:00.000Z",
        "dateReserved": "2005-06-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:58:11.298Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }