Slackware Linux 3.4 - 'netconfig' Temporary File

source: https://www.securityfocus.com/bid/81/info netconfig creates the file /tmp/tmpmsg insecurely and follows symbolic links. An attacker can create a symbolic link from /tmp/tmpmsg to any file and wait for root to run the program. This will clober the target file. The file created has...

CVE-1999-1486

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack...

CVE-1999-1269

Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file...

CVE-1999-1439

gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files...

CVE-1999-0191

IIS newdsn.exe CGI script allows remote users to overwrite files...

CVE-1999-1139

Character-Terminal User Environment CUE in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file...

CVE-1999-0298

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. dot dot attack...

CVE-1999-1299

rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file...

CVE-1999-0081

wu-ftp allows files to be overwritten via the rnfr command...

CVE-1999-0127

swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access...

CVE-1999-0096

Sendmail decode alias can be used to overwrite sensitive files...

CVE-1999-0277

The WorkMan program can be used to overwrite any file to get root access...

PT-1996-1038 · Workman · Workman

Name of the Vulnerable Software and Affected Versions: WorkMan affected versions not specified Description: The issue allows an attacker to overwrite any file, potentially leading to root access. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

CVE-1999-0132

Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access...

CVE-1999-0133

fmfls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access...

PT-1996-1023 · Adobe · Fm Fls License Server For Adobe Framemaker

Name of the Vulnerable Software and Affected Versions: fm fls license server for Adobe Framemaker affected versions not specified Description: The issue allows local users to overwrite arbitrary files and gain root access. Recommendations: At the moment, there is no information about a newer...

SGI IRIX 5.36.2 SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Local Privilege Escalation

SGI IRIX 5.36.2 SGI licenseoeo 1.0 LicenseManager - NETLSLICENSEFILE Local Privilege Escalation source: https://www.securityfocus.com/bid/72/info Under normal operation LicenseManager1M is a program used to view and manage FLEXlm and NetLS software licenses. Unfortunately, a set of vulnerabilitie...

CVE-1999-1552

dpsexec DPS Server when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges...