Ansible fetch module path traversal vulnerability

Ansible is a computer system configuration manager that can be used to publish, manage, and orchestrate computer systems. A path traversal vulnerability exists in the Ansible fetch module. An attacker can exploit this vulnerability to copy and overwrite files...

Input validation

Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. An attacker who could trick a user into using the command to copy files locally, from a pod, could override files outside of the target directory of the command...

CVE-2018-1103

Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. An attacker who could trick a user into using the command to copy files locally, from a pod, could override files outside of the target directory of the command...

Debian Security Advisory DSA 3263-1 (proftpd-dfsg - security update)

Vadim Melihow discovered that in proftpd-dfsg, an FTP server, the modcopy module allowed unauthenticated users to copy files around on the server, and possibly to execute arbitrary code. OpenVAS Vulnerability Test $Id: deb3263.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory...

sssd: TOCTOU race conditions by copying and removing directory trees

System Security Services Daemon SSSD before 1.9.4, when 1 creating, 2 copying, or 3 removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files...

Untrusted Application or Applet May Move or Copy Arbitrary Files

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier does not properly enforce access restrictions for untrusted 1 applications and 2 applets, which allows user-assisted remote attacke...