
6797 matches found

Tenable Nessus
added 2004/10/08 12:0 a.m. | 30 views

Mozilla Multiple Products XPInstall Arbitrary File Overwrite

The remote host is using Mozilla and/or Firefox, an alternative web browser. The version of this software is prone to an improper file permission setting. This flaw only exists if the browser is installed by the Mozilla Foundation package management, therefore, this alert might be a false positiv...

4.6 CVSS | 5.8 AI score | 0.00152 EPSS
Exploits 0 | References 3

OSV
added 2004/10/04 12:0 a.m. | 26 views

DSA-557-1 pppoe - missing privilege dropping

Bulletin has no description...

2.1 CVSS | 6.1 AI score | 0.00072 EPSS
Exploits 0

Tenable Nessus
added 2004/10/04 12:0 a.m. | 25 views

PostgreSQL make_oidjoins_check Arbitrary File Overwrite

The remote PostgreSQL server, according to its version number, is vulnerable to an unspecified insecure temporary file creation flaw, which may allow a local attacker to overwrite arbitrary files with the privileges of the application...

2.1 CVSS | 5.6 AI score | 0.00088 EPSS
Exploits 0 | References 1

OpenSSL
added 2004/09/30 12:0 a.m. | 41 views

Vulnerability in OpenSSL CVE-2004-0975

The derchop script created temporary files insecurely which could allow local users to overwrite files via a symlink attack on temporary files. Note that it is quite unlikely that a user would be using the redundant derchop script, and this script was removed from the OpenSSL distribution...

5.3 AI score | 0.00077 EPSS
Exploits 0 | Affected Software 1

securityvulns
added 2004/09/30 12:0 a.m. | 45 views

PHP File Upload Vulnerability POC

PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php = 5.0.1 Not Affected: Maybe some old Version of Php before 4.2.x Vulnerability Type: Possible write of a downloaded file in an arbitrary location...

7.1 AI score
Exploits 0

Tenable Nessus
added 2004/09/29 12:0 a.m. | 38 views

Debian DSA-483-1 : mysql - insecure temporary file creation

Two vulnerabilities have been discovered in mysql, a common database system. Two scripts contained in the package don't create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking the MySQL server, which is often the ro...

2.1 CVSS | 5.5 AI score | 0.00132 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2004/09/29 12:0 a.m. | 25 views

Debian DSA-343-1 : skk, ddskk - insecure temporary file

skk (Simple Kana to Kanji conversion program) does not take appropriate security precautions when creating temporary files. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running Emacs and skk. ddskk is derived from the same code, and contains...

4.6 CVSS | 5.7 AI score | 0.00066 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 26 views

Debian DSA-366-1 : eroaster - insecure temporary file

eroaster, a frontend for burning CD-R media using cdrecord, does not take appropriate security precautions when creating a temporary file for use as a lockfile. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running eroaster...

2.1 CVSS | 5.6 AI score | 0.00121 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 17 views

Debian DSA-256-1 : mhc - insecure temporary file

A problem has been discovered in adb2mhc from the mhc-utils package. The default temporary directory uses a predictable name. This adds a vulnerability that allows a local attacker to overwrite arbitrary files the user has write permissions for...

1.2 CVSS | 5.3 AI score | 0.00192 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 19 views

Debian DSA-019-1 : squid - insecure tempfile handling

WireX discovered a potential temporary file race condition in the way that squid sends out email messages notifying the administrator about updating the program. This could lead to arbitrary files being overwritten. However the code would only be executed if running a very bleeding edge release ...

1.2 CVSS | 5.8 AI score | 0.00076 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 28 views

Debian DSA-339-1 : semi - insecure temporary file

NOTE: due to a combination of administrative problems, this advisory was erroneously released with the identifier 'DSA-337-1'. DSA-337-1 correctly refers to an earlier advisory regarding gtksee. semi, a MIME library for GNU Emacs, does not take appropriate security precautions when creating...

4.6 CVSS | 5.6 AI score | 0.00061 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 32 views

Debian DSA-056-1 : man-db - local file overwrite

Ethan Benson found a bug in man-db packages as distributed in Debian GNU/Linux 2.2. man-db includes a mandb tool which is used to build an index of the manual pages installed on a system. When the -u or -c options were given on the command-line to tell it to write its database to a different...

1.2 CVSS | 5.5 AI score | 0.00066 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 24 views

Debian DSA-232-1 : cupsys - several vulnerabilities

Multiple vulnerabilities were discovered in the Common Unix Printing System (CUPS). Several of these issues represent the potential for a remote compromise or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: - CAN-2002-1383: Multiple integer...

10 CVSS | 6.5 AI score | 0.26753 EPSS
Exploits 7 | References 10

Tenable Nessus
added 2004/09/29 12:0 a.m. | 20 views

Debian DSA-053-1 : nedit - insecure temporary file

The nedit (Nirvana editor) package as shipped in the non-free section accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code: when printing text it would create a temporary file containing the text to be printed and pass that on to the print system. The temporary file was not created...

7.2 CVSS | 5.7 AI score | 0.00047 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 16 views

Debian DSA-279-1 : metrics - insecure temporary file creation

Paul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tool for software metrics. Two scripts in this package, 'halstead' and 'gatherstats', open temporary files without taking appropriate security precautions. 'halstead' is installed as a user program, while 'gatherstats' i...

4.6 CVSS | 5.5 AI score | 0.00066 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 30 views

Debian DSA-553-1 : getmail - symlink vulnerability

A security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victim's host could utilise getmail to overwrite arbitrary files when it is running as root...

2.1 CVSS | 5.6 AI score | 0.00126 EPSS
Exploits 0 | References 4

OSV
added 2004/09/27 12:0 a.m. | 21 views

DSA-553-1 getmail - symlink vulnerability

Bulletin has no description...

2.1 CVSS | 6 AI score | 0.00126 EPSS
Exploits 0

Cvelist
added 2004/09/24 4:0 a.m. | 22 views

CVE-2004-0559

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory...

5.9 AI score | 0.00103 EPSS
Exploits 0 | References 5

Cvelist
added 2004/09/24 4:0 a.m. | 19 views

CVE-2004-0880

getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file...

6 AI score | 0.00103 EPSS
Exploits 0 | References 5

securityvulns
added 2004/09/16 12:0 a.m. | 31 views

[VulnWatch] Php Vulnerability N. 2

Let's go for the second one: ========================================= Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Affected: Php = 5.0.1 Not Affected: it seems none Vulnerability Type: Possible write of a downloaded file in an arbitrary location. Vendor Status:...

2.5 AI score
Exploits 0