CVE-1999-0164

CVE-1999-0164 involves a race condition in the Solaris ps command that can allow an attacker to overwrite critical files. The available documents identify the affected component as the Solaris ps utility and describe the root cause as a race condition, with the impact stated as potential modifica...

CVE-1999-0424

The CVE-1999-0424 entry concerns Netscape 4.5’s talkback feature, allowing a local user to overwrite arbitrary files of another user when Netscape crashes. Affected software: Netscape 4.5; Vulnerable component/behavior: talkback causing local file overwrite after crash. Impact: partial confidenti...

"mirror" directory traversal

mirror is a Perl script which is widely used for making copy of remote FTP site. It's included in FreeBSD packages. There are security holes, which allows overwrite local files from remote ftp site with permissions of the user who uses mirror. Then retrieving directory listing mirror doesn't chec...

Sendmail RCPT TO Command Arbitrary File Overwrite

The remote SMTP server did not complain when issued the command : MAIL FROM: root@thishost RCPT TO: /tmp/nessustest This probably means that it is possible to send mail directly to files, which is a serious threat, since this allows anyone to overwrite any file on the remote server. This security...

Sendmail decode Alias Arbitrary File Overwrite

The remote SMTP server seems to pipe mail sent to the 'decode' alias to a program. There have been in the past a lot of security problems regarding this, as it would allow an attacker to overwrite arbitrary files on the remote server. We suggest you deactivate this alias. C Tenable Network...

Microsoft Internet Explorer 5 - ActiveX Object For Constructing Type Libraries For Scriptlets File Write

Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 ActiveX "Object for constructing type libraries for scriptlets" Vulnerability source: https://www.securityfocus.com/bid/598/info The 'scriptlet.typlib' ActiveX control can create, edit, and overwrite files on the local disk...

Microsoft Internet Explorer 5 - ActiveX Object For Constructing Type Libraries For Scriptlets File Write

Microsoft Internet Explorer 5 - ActiveX Object For Constructing Type Libraries For Scriptlets File Write Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 ActiveX "Object for constructing type libraries for scriptlets" Vulnerability source:...

CVE-1999-1565

Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file...

solaris7.ff.core.txt

Date: Wed, 7 Apr 1999 22:11:03 -0700 From: Russell Van Tassell To: [email protected] Subject: Solaris7 and ff.core Forgive me as I just started playing with Solaris 7 and don't recall seeing this yet posted to Bugtraq. It would appear as though an old bug with the OpenWeirdos File Mangler has...

lynxtmp.txt

Date: Tue, 9 Feb 1999 20:57:30 -0500 From: Juan Diego Bolanos To: [email protected] Subject: Lynx /tmp problem Hi Aleph, please filter this if already posted.... ------ Hello.... I have found a bug in Lynx all versions, except the latest stable release... lynx create temporary files in /tmp in...

xtvscreen.suse6.txt

Date: Thu, 18 Feb 1999 15:54:24 +0000 From: Andre Cruz To: [email protected] Subject: xtvscreen and suse 6 You can use xtvscreen to overwrite any file on the system. Xtvscreen has a function to capture a snapshot and will write it as pic000.pnm, pic001.pnm, etc in it's working directory. It...

website.pro.txt

Date: Tue, 16 Feb 1999 17:45:09 -0600 From: Christian Antkow To: [email protected] Subject: Website Pro v2.0 NT Configuration Issues As some of you might be aware, our website www.idsoftware.com was hacked this morning using the "out-of-the-box" features of Website Pro 2.0. The perpetrator use...

svga.textmode.1.8.txt

Date: Tue, 26 Oct 1999 19:14:50 +0300 From: [email protected] To: [email protected] Subject: svgatextmode hello, I sent on bugtraq the bug with savetextmode. I thought that it belonged to SVGATextMode, but it is included in svgalib. So the threat is bigger... Please update your page...

wide-dhcp.txt

http://www.rootshell.com/ From [email protected] Fri Jul 17 12:47:17 1998 Date: Fri, 17 Jul 1998 19:52:31 +0700 NOVST From: Oleg Safiullin To: [email protected] Subject: wide-dhcp security hole Bug found in OpenBSD port of wide-dhcp /created by me :-/. WIDE DHCP server creates...

CVE-1999-0676

sdtcmconvert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack...

CVE-1999-0730

The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack...

Caldera kdenetwork 1.1.1-1 / Caldera OpenLinux 1.3/2.2 / KDE KDE 1.1/1.1. / RedHat Linux 6.0 - K-Mail File Creation

// source: https://www.securityfocus.com/bid/300/info KMail is a mail user agent that comes with the kdenetwork package, part of the K Desktop Environment. A vulnerability in the way KMail creates temporary files to save attachments may allow malicious users to overwrite any file that user runnin...

IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation

soure: https://www.securityfocus.com/bid/287/info IBM's eNetwork Firewall for AIX contains a number of vulnerability in scripts which manipulate files insecurely. When fwlsuser script is run it creates a temporary file called /tmp/fwlsuser.PID where PID is the process ID of the command being run...

CVE-1999-0424

talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes...

CVE-1999-1495

xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file...