CVE-1999-1139

Character-Terminal User Environment CUE in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file...

CVE-1999-1386

Perl 5.00404 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file...

CVE-1999-1332

gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file...

CVE-1999-1037

CVE-1999-1037 affects SATAN 1.1.1; a local symlink attack allows a non-privileged user to overwrite arbitrary files via /tmp/rex.$$. This is described in the vulnerability record as rex.satan permits local file overwrite through a symlink race. The connected records confirm the affected product a...

CVE-2001-0625

ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log...

CVE-1999-1263

Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file...

CVE-1999-1139

CVE-1999-1139 describes a local privilege escalation in HP-UX 11.0 and earlier via a symlink attack on IOERROR.mytty, allowing local users to overwrite arbitrary files and gain root privileges. Affected component is HP-UX system tooling related to Character-Terminal User Environment (CUE). The co...

CVE-2001-0627

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack...

CVE-1999-1037

rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file...

CVE-1999-1177

Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. dot dot in the pathname for an upload operation...

CVE-1999-1328

linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack...

CVE-2002-0044

GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files...

Maelstrom 1.4.3 abartity file overwrite

Program: Maelstrom Version: 1.4.3 Distribution: RedHat 7.1 When trying to break stuff, ltracing Maelstrom showed the following: fopen"/tmp/f", "w" = 0x08081f58 fprintf0x08081f58, "Main program = sn", "Maelstrom" = 25 fclose0x08081f58 = 0 Which made we wonder if it followed symbolic links, by doin...

CVE-2002-1600

Directory traversal vulnerability in Mike Spice's My Classifieds classifieds.cgi before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter...

[PTL-2002-01] Vulnerabilities in Oracle9iAS Web Cache

PenTest Limited www.pentest-limited.com Security Advisory Vulnerabilities in Oracle9iAS Web Cache Author: Mark Rowe [email protected] Pete Finnigan [email protected] Date: 7th January 2002 Reference: ptl-2002-01...

CVE-2001-1448

Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the 1 mkuserproc, 2 mgrnt, and 3 mgdatasrvr.sc scripts...

CVE-2001-1198

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option...

CVE-2001-1197

klprfaxfilter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file...

CVE-2001-0841

Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. dot dot sequences in the amembernamecookie cookie...

CVE-2001-0832

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in 1 the ORACLEHOME/rdbms/log directory or 2 an alternate directory as specified in the ORACLEHOME environmental variable, aka the "Orac...