cups: allows local users to read arbitrary files via a symlink attack

It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...

cups: world-readable permissions

It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...

cups: insufficient checking leads to privilege escalation

It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...

cups: world-readable permissions

It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...

UBUNTU-CVE-2014-3537

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/...

RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy sear...

PHP168 6.0 and below the version login. php memory major security vulnerability-vulnerability warning-the black bar safety net

A big problem, it is best not to ignore。。。。 The use of the code will be php Trojan is inserted into the cache/directory to easily get webshell, you can bulk. Use a search engine to search Powered by php168 v6 or what version of v5, v4, v3, v2, v1 will search to many, many more related site Since...

Design/Logic Flaw

TimThumb timthumb.php before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache...

Multiple Cisco WebEx Products Cache Directory Read Vulnerability

A vulnerability in multiple Cisco WebEx products could allow an unauthenticated, remote attacker to read files from the cache directory. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by passing a crafted HTTP request to a WebEx node and re...

AMI: insecure default file permissions for /var/cache/jboss-ec2-eap

EC2 Amazon Machine Image AMI in JBoss Enterprise Application Platform EAP 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services AWS credentials by reading files in the directory...

Race condition

The userchangeiconfileauthorizedcb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition...

CVE-2012-2737

AccountsService

USN-1485-1: AccountsService vulnerability

Florian Weimer discovered that AccountsService incorrectly handled privileges when copying certain files to the system cache directory. A local attacker could exploit this issue to read arbitrary files, bypassing intended permissions...

Fedora 16 : rocksndiamonds-3.3.0.1-5.fc16 (2012-1567)

Apply fix for user configuration/cache directory permission issue CVE-2011-4606, bz766805. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Fedora 15 : rocksndiamonds-3.3.0.1-5.fc15 (2012-1553)

Apply fix for user configuration/cache directory permission issue CVE-2011-4606, bz766805. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Design/Logic Flaw

Artsoft Entertainment Rocks'n'Diamonds aka rocksndiamonds 3.3.0.1 allows local users to overwrite arbitrary files via a symlink attack on .rocksndiamonds/cache/artworkinfo.cache under a user's home directory...

Low: Red Hat Security Advisory: php-pear security and bug fix update

An updated php-pear package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

php-pear: symlink vulnerability in PEAR installer

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the 1 downloaddir, 2 cachedir, 3 tmpdir, and 4 pear-build-download directories, a different vulnerability than CVE-2007-2519...

TimThumb Cache Directory 'src' Parameter Arbitrary PHP File Upload

The version of TimThumb hosted on the remote web server allows an unauthenticated, remote attacker to upload arbitrary PHP files as specified by input to the 'src' parameter and retrieved from third- party sites to its cache directory. It's likely that these files can then be executed by requesti...

Ubuntu Update for icedtea-web USN-1178-1

Ubuntu Update for Linux kernel vulnerabilities USN-1178-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11781.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for icedtea-web USN-1178-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...