FreeBSD : cscope -- symlink attack vulnerability (a7bfd423-484f-11d9-a9e7-0001020eed82)

cscope is vulnerable to a symlink attack which could lead to an attacker overwriting arbitrary files with the permissions of the user running cscope. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

DEBIAN-CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2004-2541

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

DEBIAN-CVE-2004-2541

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

CVE-2004-2541

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

CVE-2004-2541

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

[SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 610-1 [email protected] http://www.debian.org/security/ Martin Schulze December 17th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 610-1] New cscope packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 610-1 [email protected] http://www.debian.org/security/ Martin Schulze December 17th, 2004 http://www.debian.org/security/faq -...

Cscope 15.5 - Symlink

/ RXcscope exploit version 15.5 and minor / include include include include define BSIZE 64 int mainint ac, char av pidt cur; uint i=0, lst; char bufferBSIZE + 1; fprintfstdout, "\n -- Cscope Exploit --\n"\ " version 15.5 and minor \n" \ " Gangstuck / Psirac\n" \ " \n\n"; if ac != 3 fprintfstderr...

Cscope <= 15.5 Symlink Vulnerability Exploit

Exploit for linux platform in category local exploits ============================================ Cscope include include include define BSIZE 64 int mainint ac, char av pidt cur; uint i=0, lst; char bufferBSIZE + 1; fprintfstdout, "\n -- Cscope Exploit --\n"\ " version 15.5 and minor \n" \ "...

Cscope 15.5 - Symlink

Cscope 15.5 - Symlink / RXcscope exploit version 15.5 and minor / include include include include define BSIZE 64 int mainint ac, char av pidt cur; uint i=0, lst; char bufferBSIZE + 1; fprintfstdout, "\n -- Cscope Exploit --\n"\ " version 15.5 and minor \n" \ " Gangstuck / Psirac\n" \ " \n\n"; if...

GLSA-200412-11 : Cscope: Insecure creation of temporary files

The remote host is affected by the vulnerability described in GLSA-200412-11 Cscope: Insecure creation of temporary files Cscope creates temporary files in world-writable directories with predictable names. Impact : A local attacker could create symbolic links in the temporary files directory,...

Debian DSA-610-1 : cscope - insecure temporary file

A vulnerability has been discovered in cscope, a program to interactively examine C source code, which may allow local users to overwrite files via a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

DSA-610-1 cscope - insecure temporary file

Bulletin has no description...

Cscope: Insecure creation of temporary files

Background Cscope is a developer utility used to browse and manage source code. Description Cscope creates temporary files in world-writable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere...

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2004-0996

CVE-2004-0996 affects cscope 15-4 and 15-5 where main.c creates temporary files with predictable names, enabling local symlink attacks to overwrite arbitrary files. The issue is a local-security vulnerability arising from insecure temporary file creation. Publicly documented fixes show upgrades t...