54 matches found
UBUNTU-CVE-2014-2524
The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...
IRIX 6.5.x inpview Race Condition Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1530/info Certain versions of IRIX ship with a version of inpview that creates files in '/var/tmp/' in an insecure manner and is therefore prone to a race condition. InPerson's 'inpview' is a networked multimedia...
RedHat Linux 6.1 i386 Tmpwatch Recursive Write DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1664/info Any user with write access to /tmp or /var/tmp, can induce tmpwatch to cause Red Hat and others runnng tmpwatch from cron to stop responding, and possibly require a hard reboot. This is accomplished by creating ...
CVE-2014-4038
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to 1 rtaserrd/diagsupport.c and /tmp/getdtfiles, 2 scripts/ppc64diagmkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or 3 lpd/test/lpdelatest.sh and /var/tmp/ras...
Race condition
Race condition in the libreswan.spec files for Red Hat Enterprise Linux RHEL and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file...
Fedora 18 : wireshark-1.10.2-4.fc18 (2013-17635)
dumpcap now stores temporary capture files in /var/tmp - Convert automake/pkgconfig files into patches better upstream integration - Restored category in the .desktop file - Install another one necessary header file - framedatasequence.h - Add basic OpenFlow dissector - Ver. 1.10.2 - Ver. 1.10.1...
CVE-2013-4260
lib/ansible/playbook/init.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/...
CVE-2013-4260
lib/ansible/playbook/init.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/...
CVE-2008-5843
Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in 1 the current working directory or 2 /var/tmp, related to the a pdf90, b pdfjoin, and c pdfnup scripts...
sblim: libraries built with insecure RPATH
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability sblim libraries before 1-13a.el46.1 in Red Hat Enterprise Linux RHEL 4, and before 1-31.el52.1 in RHEL 5, allows local users to gain privileges via a malicious library...
SuSE 10 Security Update : Geronimo (ZYPP Patch Number 4967)
A chown in the geronimo init script could change ownership of directories it did not own, due to following symlinks. The default setup would corrupt /var/tmp on start. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
CVE-2002-2382
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out...
GLSA-200604-13 : fbida: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200604-13 fbida: Insecure temporary file creation Jan Braun has discovered that the 'fbgs' script provided by fbida insecurely creates temporary files in the '/var/tmp' directory. Impact : A local attacker could create links in th...
DEBIAN-CVE-2006-1695
The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...