6765 matches found
Mike Spice's Vote does not adequately validate user input
Overview: Mike Spice's Vote does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Vote to overwrite any file on the server to which the web server process has write privileges. Description: Mike Spice's Vote is a CGI script written in Perl and...
Mike Spice's Quiz Me! does not adequately validate user input
Overview: Mike Spice's Quiz Me! does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Quiz Me! to overwrite any file on the server to which the web server process has write privileges. Description: Mike Spice's Quiz Me! is a CGI script written in...
Mike Spice's My Calendar does not adequately validate user input
Overview: Mike Spice's My Calendar does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause My Calendar to overwrite any file on the server to which the web server process has write privileges. Description: Mike Spice's My Calendar is a CGI script...
Security Issue with Mac OS X
Below is the copy of the email I sent to Apple a week ago. I have dropped them a copy of the mail on their feedback web page, too. Since I haven't heard of them since, I have chosen to make the security issue available to the community. Below the copy of the mail is a short discussion of the...
scrollkeeper.txt
Release date: September 2 2002; Author: Spybreak [email protected]; Package: Scrollkeeper; Version: 0.3.4, 0.3.11; Severity: Medium to High; Vendor homepage: scrollkeeper.sourceforge.net; Status: vendor contacted; Problem:...
CVE-2002-0430
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php...
CVE-2002-0793
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility...
Directory-traversal vulnerability in Mike Spice's My Classifieds CGI script
Overview: Some versions of My Classifieds contain a directory-traversal vulnerability that allows attackers to overwrite files. Description: My Classifieds is a Perl CGI script, maintained by Mike Spice, that produces dynamic ad listings on a web server and allows users to edit their ads remotely...
CVE-2002-1449
eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt...
CVE-2002-0678
CDE ToolTalk database server ttdbserver allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the TTTRANSACTION RPC procedure...
CVE-2001-1276
The CVE-2001-1276 vulnerability affects ispell prior to 3.1.20. A local user can exploit a race condition by symlinking a temporary file used by ispell, allowing overwrite of another user’s files. Root cause: ispell used mktemp() for temp files; patches switch to mkstemp() and revise input handli...
CVE-2001-1162
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file...
CVE-2001-1277
The CVE-2001-1277 issue affects the makewhatis component of the man package prior to version 1.5i2. A local attacker belonging to the group man can cause arbitrary files to be overwritten by crafting a man page name containing shell metacharacters, exploiting insufficient validation during proces...
CVE-2001-1085
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file...
CVE-2002-0044
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files...
CVE-2001-1119
cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack...
CVE-2001-1276
ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file...
CVE-2001-1177
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files...
Acrobat reader 4.05 temporary files
Insecure temporary files in Acrobat Reader 4.05 [email protected] $Date: 2002/06/20 07:21:29 $ Author: Jarno Huuskonen [email protected] Discovered: Wed 18 Jul 2001...