6861 matches found
CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2004-0473
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-f" option on Windows XP or (2) the "-n" option...
DEBIAN-CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2004-0404
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp...
FreeBSD : xine-lib arbitrary file overwrite (96)
The following package needs to be updated: libxine. This script has been deprecated by freebsdpkge50b04e89c5511d893660020ed76ef5a.nasl. Disabled on 2011/10/02. (C) Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
RHEL 2.1 : unzip (RHSA-2003:200)
Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available. Updated 15 August 2003: Ben Laurie found that the original patch to fix this issue missed a case where the path component included a quoted slash. These updated packages contain a new pat...
CVE-2004-0175
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992...
CVE-2003-0193
msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names "word$$.html"...
PT-2004-1077 · Openssh +3 · Openssh +4
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 3.4p1; rsh-server-0.17; rsh-0.17. Description: The issue is related to a directory traversal vulnerability in the scp component of OpenSSH, which can be exploited by remote malicious servers to overwrite arbitrary files...
CVE-2004-0388
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack...
Moderate: Red Hat Security Advisory: utempter security update
An updated utempter package that fixes a potential symlink vulnerability is now available. Utempter is a utility that allows terminal applications such as xterm and screen to update utmp and wtmp without requiring root privileges. Steve Grubb discovered a flaw in Utempter which allowed device nam...
security flaw
Utempter allows device names that contain ".." (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files...
KDE URI Handler Vulnerabilities
Background: The K Desktop Environment (KDE) is a powerful Free Software graphical desktop environment. KDE makes use of URI handlers to trigger various programs when specific URLs are received. Description: The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning o...
Utempter symlink vulnerability
Background: Utempter is an application that allows non-privileged apps to write utmp login info, which otherwise needs root access. Description: Utempter contains a vulnerability that may allow local users to overwrite arbitrary files via a symlink attack. Impact: This vulnerability may allow...
Multiple vulnerabilities in LHa
Background: LHa is a console-based program for packing and unpacking LHarc archives. Description: Ulf Harnhammar found two stack overflows and two directory traversal vulnerabilities in LHa version 1.14 and 1.17. A stack overflow occurs when testing or extracting archives containing long file or...
CVE-2004-0381
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file...
Multiple Vulnerabilities in Samba
Background: Samba is a package which allows UNIX systems to act as file servers for Windows computers. It also allows UNIX systems to mount shares exported by a Samba/CIFS/Windows server. smbmount is a program in the Samba package which allows normal users on a UNIX system to mount remote shares...
Xine 0.9.x and Xine-Lib 1 - Multiple Remote File Overwrite Vulnerabilities
Source: https://www.securityfocus.com/bid/10193/info. It has been reported that the xine media player and the xine media library are affected by multiple remote file overwrite vulnerabilities. This is due to a design error...