openSUSE 10 Security Update : rubygems (rubygems-2644)

This update fixes a vulnerability in rubygems that allowed to overwrite files with root privileges. CVE-2007-0469 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update rubygems-2644. The text...

GLSA-200710-10 : SKK Tools: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200710-10 SKK Tools: Insecure temporary file creation skkdic-expr.c insecurely writes temporary files to a location in the form $TMPDIR/skkdic$PID.pag,dir,db, where $PID is the process ID. Impact : A local attacker could create...

CVE-2007-5200

hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugindebugoptimresults.txt temporary file...

CVE-2007-5200

CVE-2007-5200 affects hugin on multiple distros (e.g., openSUSE, Fedora, Gentoo). It enables a local user to overwrite arbitrary files via an insecurely created hugin_debug_optim_results.txt, through a symlink attack. Documented impacts: local access with possible file overwrite of privileges; no...

CVE-2007-5200

hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugindebugoptimresults.txt temporary file...

SKK Tools: Insecure temporary file creation

Background SKK is a Japanese input method for Emacs. Description skkdic-expr.c insecurely writes temporary files to a location in the form $TMPDIR/skkdic$PID.pag,dir,db, where $PID is the process ID. Impact A local attacker could create symbolic links in the directory where the temporary files ar...

CVE-2004-2743

CVE-2004-2743 concerns upload.cgi in Mega Upload Progress Bar before 1.45. It allows remote attackers to copy or overwrite arbitrary files via parameters related to uploaded file names. The NVD entry lists a CVSSv2 base score of 6.4 (Medium), with Network attack vector, Low complexity, and no aut...

CVE-2004-2743

upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files...

Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"----------------------------------------------------------------------------- bPegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite/b url:...

pegasus-overwrite.txt

----------------------------------------------------------------------------- Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite url: http://www.pegasusimaging.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational...

Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite

Exploit for unknown platform in category remote exploits ============================================================== Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite ==============================================================...

Pegasus Imaging ImagXpress 8.0 - Arbitrary File Overwrite

Pegasus Imaging ImagXpress 8.0 - Arbitrary File Overwrite ----------------------------------------------------------------------------- Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite url: http://www.pegasusimaging.com/ Author: shinnai mail: shinnaiatautisticidotorg site:...

Pegasus Imaging ImagXpress 8.0 - Arbitrary File Overwrite

----------------------------------------------------------------------------- Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite url: http://www.pegasusimaging.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational...

EB Design Pty Ltd (EBCRYPT.DLL v.2.0) Multiple Remote Vulnerabilites

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"----------------------------------------------------------------------------- bEB Design Pty Ltd EBCRYPT.DLL v.2.0 Multiple Remote Vulnerabilites/b url:...

ebdesign-remote.txt

----------------------------------------------------------------------------- EB Design Pty Ltd EBCRYPT.DLL v.2.0 Multiple Remote Vulnerabilites url: http://www.ebcrypt.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose...

CVE-2007-3916

The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file...

CVE-2007-3916

The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file...

CVE-2007-3916

CVE-2007-3916 affects SKK Tools 1.2 (skkdic-expr.c): it insecurely writes temporary files to $TMPDIR/skkdic$PID.{pag,dir,db}, enabling a local attacker to create symbolic links and potentially overwrite or modify arbitrary files. The issue is caused by writing to a temporary file named with the p...

VMware Workstation 6.0多个安全漏洞

BUGTRAQ ID: 25728,25729,25731,25732 CVECAN ID: CVE-2007-0061,CVE-2007-0062,CVE-2007-0063,CVE-2007-4059,CVE-2007-4155,CVE-2007-4496,CVE-2007-4497 VMWare是一款虚拟PC软件，允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。 VMWare的实现上存在多个安全漏洞，可导致多种威胁。 具体如下： 1 VMWare的DHCP服务器可被恶意网页用来获取系统权限。 2...

CVE-2007-4982

Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the 1 SaveAsBMP or 2 SaveAsWMF...