Локальный DoS против Windows XP

Можифицировав файл .manifest можно привести к краху системы...

CVE-2001-0887

xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files...

CVE-2001-0817

Vulnerability in HP-UX line printer daemon rlpdaemon in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request...

CVE-2001-0817

The CVE-2001-0817 issue affects HP-UX rlpdaemon (line printer daemon) across HP-UX releases 10.01 through 11.11. The vulnerability is a remote/logic flaw in rlpdaemon that allows a crafted print request to create arbitrary files or directories and gain superuser privileges. Evidence from multiple...

CVE-2001-0409

vim aka gvim allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory...

CVE-2001-0409

The CVE-2001-0409 vulnerability affects vim (aka gvim). It allows a local attacker to modify files being edited by other users via a symlink attack on swap/backup files when the victim edits a file in a world-writable directory. The underlying issue is a symlink race during edit sessions, enablin...

CVE-2001-0434

The LogDataListToFile ActiveX function used in 1 Knowledge Center and 2 Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service...

CVE-1999-1244

CVE-1999-1244 affects IPFilter versions 3.2.3–3.2.10. The flaw arises from a symlink attack on the saved output file, enabling local users to modify arbitrary files. The impact is described as full confidentiality, integrity, and availability effects in the source data. No remediation or exploit ...

CVE-1999-1221

The CVE-1999-1221 vulnerability affects Digital Unix (OSF/1) 3.x, where local users can modify arbitrary files via a symlink attack on the dxchpwd.log file. The provided documents describe the affected product and the underlying cause as a symlink attack, but do not include details on exploitatio...

CVE-1999-1267

KDE file manager kfm uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server...

CVE-1999-1221

dxchpwd in Digital Unix OSF/1 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file...

CVE-1999-1267

CVE-1999-1267 concerns the KDE file manager (kfm), which exposes a TCP server for certain file operations. According to the description and linked records, a remote attacker can modify arbitrary files by sending a copy command to this server. The vulnerability is categorized with a NVD base score...

CVE-1999-1125

Oracle Webserver 2.1 and earlier runs setuid root; the configuration file is owned by the oracle account. This allows any local or remote attacker with oracle access to gain privileges or modify arbitrary files by altering the configuration file. No remediation details are provided in the supplie...

CVE-2001-1301

rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file...

Sambar Web Server pagecount exploit code

by default, there is a pagecount script with Sambar Web Server it's situated at http://sambarserver/session/pagecount counter writes it's temporary files at c:sambardirectorytmp if we'll write http://sambarserver/session/pagecount?page=index it will create file in Sambar temp directory with name...

CVE-2001-1172

OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file...

[SNS Advisory No.37] HTTProtect allows attackers to change the protected file using a symlink

----------------------------------------------------------------------- SNS Advisory No.37 HTTProtect allows attackers to change the protected file using a symlink Problem first discovered: Mon, 4 Jun 2001 Published: Wed, 18 Jul 2001...

CVE-2001-0434

The LogDataListToFile ActiveX function used in 1 Knowledge Center and 2 Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service...

CVE-2001-0407

Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. dot dot...

CVE-2001-0071

gpg aka GnuPG 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection...