SuSE Linux 9.0 - YaST Configuration Skribt Overwrite Files

SuSE Linux 9.0 - YaST Configuration Skribt Overwrite Files include include include define PATH "/tmp/tmp.SuSEconfig.gnome-filesystem." define START 1 define END 33000 int mainint argc, char argv int i; char buf150; printf"\tSuSE 9.0 YaST script SuSEconfig.gnome-filesystem exploit\n";...

susegnome.txt

Author: l0om Date: 12.01.2004 page: www.excluded.org SuSE 9.0 - YaST script SuSEconfig.gnome-filesystem There is a symlink problem in the SuSEconfig.gnome-filesystem scribt. a normal user can creat and overwrite every file on the system. This script gets executed after a configuration change by t...

lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)

lionmax software www file share pro 2.4x - Multiple Vulnerabilities 1 // source: https://www.securityfocus.com/bid/9425/info WWW File Share Pro has been reported prone to multiple remote vulnerabilities. The first reported issue is that a remote attacker may employ the "upload" functionality of t...

lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)

lionmax software www file share pro 2.4x - Multiple Vulnerabilities 2 // source: https://www.securityfocus.com/bid/9425/info WWW File Share Pro has been reported prone to multiple remote vulnerabilities. The first reported issue is that a remote attacker may employ the "upload" functionality of t...

lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)

// source: https://www.securityfocus.com/bid/9425/info WWW File Share Pro has been reported prone to multiple remote vulnerabilities. The first reported issue is that a remote attacker may employ the "upload" functionality of the vulnerable software to overwrite arbitrary files that are writable ...

lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)

// source: https://www.securityfocus.com/bid/9425/info WWW File Share Pro has been reported prone to multiple remote vulnerabilities. The first reported issue is that a remote attacker may employ the "upload" functionality of the vulnerable software to overwrite arbitrary files that are writable ...

CVE-2003-1156

Java Runtime Environment JRE and Software Development Kit SDK 1.4.2 through 1.4.202 allows local users to overwrite arbitrary files via a symlink attack on 1 unpack.log, as created by the unpack program, or 2 .mailcap1 and .mime.types1, as created by the RPM program...

CVE-2003-1279

S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on 1 /tmp/F8499 by Sqpe, 2 /tmp/PRINT.$$.out by PRINT, 3 /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, 4 /tmp/file.1 and /tmp/file.2 by sasget, 5 /tmp/file.1 by sasvars, an...

CVE-2003-1280

Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. dot dot in multipart/form-data uploads...

CVE-2003-1528

nsrshutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrshPID temporary file...

CVE-2003-0885

Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the 1 apple2, 2 xanalogtv, and 3 pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack...

CVE-2003-1294

Xscreensaver before 4.15 creates temporary files insecurely in 1 driver/passwd-kerberos.c, 2 driver/xscreensaver-getimage-video, 3 driver/xscreensaver.kss.in, and the 4 vidwhacker and 5 webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2003-0898

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on 1 db2job and 2 db2job2...

CVE-2003-0846

SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .javawrapper temporary file...

CVE-2003-0872

Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files...

CVE-2003-0844

modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via 1 a symlink attack on predictable temporary filenames on Unix systems, or 2 an NTFS hard link on Windows systems when the...

CVE-2003-0877

Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory...

CVE-2003-0878

slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875...

Mac OS X Arbitrary File Overwrite via Core Files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Arbitrary File Overwrite via Core Files Release Date: 10/24/2003 Application: Kernel Platform: Mac OS X Severity: High Author: Dave G. [email protected] Vendor Status: Vendor has new releas...

CVE-2003-0898

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on 1 db2job and 2 db2job2...