Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-16 | CVE-2008-2271 | Improper Privilege Management vulnerability in Site Documentation Project Site Documentation The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database. | 5.0 |
| 2007-05-14 | CVE-2007-2444 | Improper Privilege Management vulnerability in multiple products Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. | 7.2 |
| 2002-03-15 | CVE-2002-0080 | Improper Privilege Management vulnerability in multiple products rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | 2.1 |
| 2002-03-08 | CVE-2002-0049 | Improper Privilege Management vulnerability in Microsoft Exchange Server 2000 Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | 6.4 |