EUVD-2011-4067

Malware in sbrugna...

Open Asset Import Library（assimp） 安全漏洞

Open Asset Import Library assimp is a library in the Open Asset Import Library open source. A security vulnerability exists in Open Asset Import Library assimp version 5.4.3, which stems from an incorrect operation of the parameter tmp that can cause a heap buffer overflow...

CVE-2015-1838

modules/serverdensitydevice.py in SaltStack before 2014.7.4 does not properly handle files in /tmp...

Raspberry Pi Firmware Updater File Clobber

Raspberry Pi Firmware Updater Vulnerability Application: https://github.com/Hexxeh/rpi-update/ Version Tested: Github source as of 10ad1e975a 10th Feb commit Vulnerability 1: A malicious user can clobber any file due to insecure tmp file handling. Example: Any unprivileged user can create the...

Centrify Deployment Manager v2.1.0.283 File Overwrite Vulnerability

Centrify Deployment Manager v2.1.0.283 version 2.1.0.283 appears to suffer from a root-level file overwrite vulnerability due to an insecure use of /tmp. Centrify Deployment Manager v2.1.0.283 While at a training session for centrify, I noticed poor handling of files in /tmp. I was able to...

SuSE 11.1 Security Update : hplip (SAT Patch Number 5307)

This update provides an update of hplip to version 3.11.10 : - Fixed insecure tmp file handling in hpcupsfax.cpp CVE-2011-2722 see https://bugs.launchpad.net/hplip/+bug/809904. bnc704608 - New tech classes for HP OfficeJet Pro 8100, HP Deskjet 3070 B611 series and HP Photosmart 7510 e-All-in-One....

cvs recompiled against updated zlib + /tmp fix

New cvs packages are available to fix security problems. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Mon Mar 11 17:54:12 PST 2002 patches/packages/cvs.tgz: Patched to link to the shared zlib on the system instead of statically linking to the included zlib...