CVE-2004-1387

The checkforensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files...

CVE-2004-1808

Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2004-1179

The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories...

CVE-2004-2014

Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded...

CVE-2004-1179

The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories...

CVE-2004-1382

The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968...

CVE-2004-2462

cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplaycontrol temporary file...

DEBIAN-CVE-2004-1951

xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the 1 audio.sunaudiodevice or 2 dxr3.devicename options in an MRL link...

CVE-2004-1179

CVE-2004-1179 concerns the debstd script in debmake (versions 3.6.x before 3.6.10 and 3.7.x before 3.7.7). The vulnerability arises from insecure handling of temporary directories, allowing local users to perform a symlink attack that can overwrite arbitrary files. Multiple connected sources (NVD...

CVE-2004-1951

xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the 1 audio.sunaudiodevice or 2 dxr3.devicename options in an MRL link...

CVE-2004-1376

Directory traversal vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious FTP servers to overwrite arbitrary files via .. dot dot sequences in filenames returned from a LIST command...

[Full-Disclosure] QNX crrtrap arbitrary file read/write vulnerability [RLSA_06-2004]

rfdslabs security advisory Title: QNX crrtrap arbitrary file read/write vulnerability RLSA06-2004 Versions: QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 + Update Patch A Vendor: http://www.qnx.com Date: Dec 11 2004 Author: Julio Cesar Fort julio NOSPAM rfdslabs com br 1. Introduction crrtrap is a tool to...

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

DEBIAN-CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

DEBIAN-CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

Fedora Core 2 : krb5-1.3.6-1 (2004-563)

A heap based buffer overflow bug was found in the administration library of Kerberos 1.3.5 and earlier. This overflow in the password history handling code could allow an authenticated remote attacker to execute commands on a realm's master Kerberos KDC. The Common Vulnerabilities and Exposures...