Debian DSA-483-1 : mysql - insecure temporary file creation
Two vulnerabilities have been discovered in mysql, a common database system. Two scripts contained in the package don't create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking the MySQL server, which is often the ro...
Debian DSA-366-1 : eroaster - insecure temporary file
eroaster, a frontend for burning CD-R media using cdrecord, does not take appropriate security precautions when creating a temporary file for use as a lockfile. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running eroaster...
Debian DSA-053-1 : nedit - insecure temporary file
The nedit Nirvana editor package as shipped in the non-free section accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code: when printing text it would create a temporary file with the text to be printed and pass that on to the print system. The temporary file was not created...
Debian DSA-553-1 : getmail - symlink vulnerability
A security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victim's host could utilise getmail to overwrite arbitrary files when it is running as root...
Debian DSA-339-1 : semi - insecure temporary file
NOTE: due to a combination of administrative problems, this advisory was erroneously released with the identifier 'DSA-337-1'. DSA-337-1 correctly refers to an earlier advisory regarding gtksee. semi, a MIME library for GNU Emacs, does not take appropriate security precautions when creating...
Debian DSA-279-1 : metrics - insecure temporary file creation
Paul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tool for software metrics. Two scripts in this package, 'halstead' and 'gatherstats', open temporary files without taking appropriate security precautions. 'halstead' is installed as a user program, while 'gatherstats' i...
DSA-553-1 getmail - symlink vulnerability
Bulletin has no description...
CVE-2004-0559
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory...
CVE-2004-0880
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file...
[VulnWatch] Php Vulnerability N. 2
Let's go for the second one: Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Affected: Php = 5.0.1 Not Affected: it seems none Vulnerability Type: Possible write of a downloaded file in an arbitrary location. Vendor Status:...
Webmin, Usermin: Multiple vulnerabilities in Usermin
Background: Webmin and Usermin are web-based system administration consoles. Webmin allows an administrator to easily configure servers and other features. Usermin allows users to configure their own accounts, execute commands, and read e-mail. The Usermin functionality, including webmail, is also...
CVE-2004-0851
The (1) writelist and (2) dumpcurrlist functions in Net-Acct before 0.71 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-0115
VirtualPCServices in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServicesLog temporary file...
CVE-2003-0924
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files...
CVE-2002-0662
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files...
CVE-2002-1193
tkmail before 4.0beta9-8.1 allows local users to create or overwrite files as users via a symlink attack on temporary files...
CVE-2003-0022
The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence...
CVE-2001-1066
The CVE-2001-1066 issue affects the Netscape 6.0.1 installation script on Solaris (and related versions) where the installer creates a temporary, predictably named file in a world-writable /tmp directory without proper existence/ownership checks. This enables a local attacker to perform a symlink...
CVE-2004-0256
CVE-2004-0256 affects GNU libtool and concerns versions prior to 1.5.2. During compilation, libtool directories created under /tmp can be tricked by a symlink, allowing a local user to overwrite arbitrary files. The documented impact is a local, user-level vulnerability with no remote access requ...