6871 matches found
CVE-2004-1294
The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters...
CVE-2004-1276
IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP...
CVE-2004-1277
The download_selection_recursive function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters...
CVE-2004-1281
The CVE-2004-1281 entry documents a vulnerability in junkie 0.3.1 where the ftp_retr function is exploitable by remote FTP servers to overwrite arbitrary files via .. sequences in a filename. This is a path-traversal issue allowing network-based exploitation with low complexity and no authenticat...
CVE-2004-1277
CVE-2004-1277 concerns IglooFTP 0.6.1 where the download_selection_recursive() function in ftplist.c is vulnerable. A remote FTP server can cause arbitrary files to be overwritten via filenames containing a forward slash ('/'), indicating a path traversal-like flaw within the file listing/selecti...
CVE-2004-1281
The ftp_retr function in junkie 0.3.1 allows remote malicious FTP servers to overwrite arbitrary files via .. (dot dot) sequences in a filename...
CVE-2004-1294
The CVE-2004-1294 issue affects tnftp (2003-08-25 build) where the mget function in cmds.c does not validate server-supplied filenames containing /, allowing a remote FTP server to overwrite arbitrary files on the client system. This could occur when processing responses that include such filenam...
CVE-2004-1276
IglooFTP 0.6.1 is affected by a local vulnerability when recursively uploading a directory: a race condition allows local users to overwrite the files being uploaded by creating temporary files with names generated by tmpnam before the destination files are opened. This is caused by the use of tm...
RHEL 3 : rh-postgresql (RHSA-2004:489)
Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...
groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files
The eqn2graph and pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
DSA-610-1 cscope - insecure temporary file
Bulletin has no description...
wget <= 1.9 Directory Traversal Exploit
Exploit for multiple platform in category remote exploits. wget <= 1.9 Directory Traversal Exploit. #!/usr/bin/perl -W wgettrap.poc -- A POC for the wget(1) directory traversal vulnerability Copyright 2004 Jan Miná...
wget 1.9 - Directory Traversal
#!/usr/bin/perl -W wgettrap.poc -- A POC for the wget(1) directory traversal vulnerability Copyright 2004 Jan Minář jjminar fastmail fm License: Public Domain When wget connects to us, we send it a HTTP redirect constructed so that wget wget will connect the second time, it will be attempting to...
wget -- multiple vulnerabilities
Jan Minar reports that there exist multiple vulnerabilities in wget: Wget erroneously thinks that the current directory is a fair game, and will happily write in any file in and below it. Malicious HTTP response or malicious HTML file can redirect wget to a file that is vital to the system, and...
CVE-2004-0770
CVE-2004-0770 affects romload.c in DGen Emulator 1.23 and earlier. The vulnerability arises during decompression of ROM files compressed with gzip or bzip, where a symlink attack on temporary files enables a local attacker to overwrite arbitrary files. Impact is local file overwrite; no exploit d...
CVE-2004-0770
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files...
Perl: Insecure temporary file creation
Background: Perl is a stable, cross-platform programming language created by Larry Wall. Description: Some Perl modules create temporary files in world-writable directories with predictable names. Impact: A local attacker could create symbolic links in the temporary files directory, pointing to a...
GLSA-200412-04 : Perl: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200412-04 (Perl: Insecure temporary file creation). Some Perl modules create temporary files in world-writable directories with predictable names. Impact: A local attacker could create symbolic links in the temporary files directory...