6860 matches found
Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite
source: https://www.securityfocus.com/bid/10196/info Reportedly the Unreal Tournament Engine is affected by a local file overwrite vulnerability due to the UMOD manifest.ini file. This issue is due to an input validation error that allows a malicious user to specify arbitrary files for writing,...
Xine 0.9.x and Xine-Lib 1 - Multiple Remote File Overwrite Vulnerabilities
source: https://www.securityfocus.com/bid/10193/info It has been reported that the xine media player and the xine media library are affected by multiple remote file overwrite vulnerabilities. This is due to a design error that allows various media resource file configurations to write to arbitrar...
CVE-2004-0404
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp...
CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2004-0423
CVE-2004-0423 affects ssmtp 2.50.6 and earlier. The log_event function allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file, enabling local privilege impact as described. The connected documents provide the same description across multiple sourc...
ssmtp insecure file creation
Hi, ssmtp 2.50.6 creates a logfile /tmp/ssmtp.log. The data in this logfile is user specified. It's possible to overwrite any file with the permissions of the ssmtp program, normally root. The vulnerable call is in logevent. logevent vulnerable call: ifdef LOGFILE iffp = fopen"/tmp/ssmtp.log", "a" !...
CVE-2004-0388
CVE-2004-0388 affects the MySQL server via the mysqld_multi script, allowing a local user to overwrite arbitrary files through a symlink attack. The root cause is insecure handling of temporary/target paths, enabling a symlink-based overwrite. The documented impact is local access with partial in...
CVE-2003-0202
The (1) halstead and (2) gatherstats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-0107
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108...
CVE-2004-0108
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107...
CVE-2004-0372
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts...
FreeBSD-SA-04:07.cvs
FreeBSD-SA-04:07.cvs Security Advisory The FreeBSD Project Topic: CVS path validation errors Category: contrib Module: contribcvs Announced: 2004-04-15 Revised: 2004-04-16...
CVS Server and Client Vulnerabilities
Background CVS, which stands for Concurrent Versions System, is a client/server application which tracks changes to sets of files. It allows multiple users to work concurrently on files, and then merge their changes back into the main tree which can be on a remote system. It also allows branching...
CVS path validation errors
Two programming errors were discovered in which path names handled by CVS were not properly validated. In one case, the CVS client accepts absolute path names from the server when determining which files to update. In another case, the CVS server accepts relative path names from the client when...
CVE-2004-0381
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file...
[Full-Disclosure] Texutil symlink vulnerability.
Product: texutil Versions: All Bug: Symlink bug Impact: Attackers can overwrite arbitrary files with the privileges of the invoking user Risk: Medium Date: April 4, 2004 Author: Shaun Colley Email: shaunige yahoo co uk WWW: http://www.nettwerked.co.uk Introduction Vendor description: --- "When...
SuSEs YaST Online Update - possible symlink attack
author:l0om - l0omatexcluded.org - www.excluded.org date:05.04.2004 product:SuSE 9.0 maybe lower possible symlink attack in SuSEs YOU YaST Online Update in SuSE linux you can use YOU to auto update your system. you can do this by YaST or by hand with the command "onlineupdate". as a normal user y...