CVE-2010-2382: Solaris flar unsafe use of temporary files

2010-07-20 Thread Frank Stuart
Below is the full disclosure information for CVE-2010-2382. It was reported to security-al...@sun.com on 23 December, 2009 and assigned Sun bug 6912851. This vulnerability was addressed by Sun/Oracle in the July 2010 Critical Patch Update (http://www

CVE-2010-2382: Solaris nfslogd unsafe use of temporary files

2010-07-20 Thread Frank Stuart
Below is the full disclosure information for CVE-2010-2383. It was reported to security-al...@sun.com on 29 December, 2009 and assigned Sun bug 6913655. This vulnerability was addressed by Sun/Oracle in the July 2010 Critical Patch Update (http://www

CVE-2010-2384: Solaris wbem unsafe use of temporary files

2010-07-20 Thread Frank Stuart
Below is the full disclosure information for CVE-2010-2384. It was reported to security-al...@sun.com on 3 January, 2010 and assigned Sun bug 6913886. This vulnerability was addressed by Sun/Oracle in the July 2010 Critical Patch Update (http://www.o

U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821

2009-12-03 Thread Frank Stuart
Executive Summary: Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run. If a remote user can introduce a file into the filesystem (e.g. anonymous ftp, http upload, cdrom, samba share,

UPDATE: DISA Unix SRR root compromise / CVE-2009-4211 / VU#433821

2009-12-09 Thread Frank Stuart
After the issue in CVE-2009-4211 was made public, the Unix SRR script was removed from http://iase.disa.mil/stigs/SRR/unix.html with a note saying: "Due to a recently identified security issue, please do not run any version of the UNIX SRR scripts unt