1641 matches found
CVE-2003-0022
CVE-2003-0022 concerns rxvt 2.7.8: the terminal emulator’s screen-dump escape sequence can be used to overwrite arbitrary files when the sequence is echoed to a user’s terminal (e.g., while viewing a file containing the sequence). The vulnerability stems from the screen-dump feature, and the expl...
Mozilla Predictable Temporary File Symbolic Link Arbitrary File Overwrite (deprecated)
Binary data 1309.prm...
DEBIAN-CVE-2004-0175
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992...
Sendmail 'decode' Alias Arbitrary File Overwrite
Binary data 2026.prm...
CVE-2004-0545
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack...
DEBIAN-CVE-2004-0647
shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file...
CVE-2004-0647
shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file...
[ GLSA 200407-07 ] Shorewall : Insecure temp file handling
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200407-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
RHEL 2.1 : unzip (RHSA-2003:200)
Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available. Updated 15 August 2003 Ben Laurie found that the original patch to fix this issue missed a case where the path component included a quoted slash. These updated packages contain a new pat...
security flaw
Utempter allows device names that contain .. dot dot directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files...
Multiple Vulnerabilities in Samba
Background Samba is a package which allows UNIX systems to act as file servers for Windows computers. It also allows UNIX systems to mount shares exported by a Samba/CIFS/Windows server. smbmount is a program in the Samba package which allows normal users on a UNIX system to mount remote shares...
CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2004-0107
The 1 post and 2 trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108...
CVE-2004-0372
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the 1 xine-bugreport or 2 xine-check scripts...
FreeBSD-SA-04:07.cvs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:07.cvs Security Advisory The FreeBSD Project Topic: CVS path validation errors Category: contrib Module: contribcvs Announced: 2004-04-15 Revised: 2004-04-16...
mysqlbug tmpfile/symlink vulnerability.
Product: mysqlbug packaged with MySQL. Versions: All Bug: Symlink bug / tmpfile bug. Impact: Attacker's can overwrite arbitrary files. Risk: Low/Medium Date: March 24, 2004 Author: Shaun Colley Email: shaunige yahoo co uk WWW: http://www.nettwerked.co.uk Introduction MySQL is an open-source, fast...
MySQL insecure temporary file creation (mysqlbug)
Shaun Colley reports that the script mysqlbug' included with MySQL sometimes creates temporary files in an unsafe manner. As a result, an attacker may create a symlink in /tmp so that if another user invokes mysqlbug' and quits without making any changes, an arbitrary file may be overwritten with...
CVE-2003-1528
nsrshutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrshPID temporary file...
Mac OS X Arbitrary File Overwrite via Core Files
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Arbitrary File Overwrite via Core Files Release Date: 10/24/2003 Application: Kernel Platform: Mac OS X Severity: High Author: Dave G. [email protected] Vendor Status: Vendor has new releas...