CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

DEBIAN-CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

Fedora Core 2 : krb5-1.3.6-1 (2004-563)

A heap based buffer overflow bug was found in the administration library of Kerberos 1.3.5 and earlier. This overflow in the password history handling code could allow an authenticated remote attacker to execute commands on a realm's master Kerberos KDC. The Common Vulnerabilities and Exposures...

CVE-2004-1294

The CVE-2004-1294 issue affects tnftp (2003-08-25 build) where the mget function in cmds.c does not validate server-supplied filenames containing /, allowing a remote FTP server to overwrite arbitrary files on the client system. This could occur when processing responses that include such filenam...

CVE-2004-1294

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / slash characters...

CVE-2004-1276

IglooFTP 0.6.1 is affected by a local vulnerability when recursively uploading a directory: a race condition allows local users to overwrite the files being uploaded by creating temporary files with names generated by tmpnam before the destination files are opened. This is caused by the use of tm...

CVE-2004-1276

IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP...

CVE-2004-1294

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / slash characters...

CVE-2004-1277

CVE-2004-1277 concerns IglooFTP 0.6.1 where the download_selection_recursive() function in ftplist.c is vulnerable. A remote FTP server can cause arbitrary files to be overwritten via filenames containing a forward slash ('/'), indicating a path traversal-like flaw within the file listing/selecti...

CVE-2004-1281

The CVE-2004-1281 entry documents a vulnerability in junkie 0.3.1 where the ftp_retr function is exploitable by remote FTP servers to overwrite arbitrary files via .. sequences in a filename. This is a path-traversal issue allowing network-based exploitation with low complexity and no authenticat...

CVE-2004-1281

The ftpretr function in junkie 0.3.1 allows remote malicious FTP servers to overwrite arbitrary files via .. dot dot sequences in a filename...

CVE-2004-1277

The downloadselectionrecursive function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / slash characters...

RHEL 3 : rh-postgresql (RHSA-2004:489)

Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...

groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files

The eqn2graph and pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

DSA-610-1 cscope - insecure temporary file

Bulletin has no description...

wget <= 1.9 Directory Traversal Exploit

Exploit for multiple platform in category remote exploits ======================================= wget = 1.9 Directory Traversal Exploit ======================================= !/usr/bin/perl -W wgettrap.poc -- A POC for the wget1 directory traversal vulnerability Copyright 2004 Jan Min=C3=A1=C5=...

wget 1.9 - Directory Traversal

!/usr/bin/perl -W wgettrap.poc -- A POC for the wget1 directory traversal vulnerability Copyright 2004 Jan Min???? jjminar fastmail fm License: Public Domain When wget connects to us, we send it a HTTP redirect constructed so that wget wget will connect the second time, it will be attempting to...