CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6860 matches found

OSV•added 2003/06/16 12:0 a.m.•13 views

DSA-323 noweb - insecure temporary files

Bulletin has no description...

2.1CVSS6.2AI score0.00333EPSS

Exploits0

Cvelist•added 2003/06/10 4:0 a.m.•26 views

CVE-2003-0367

znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files...

5.9AI score0.00446EPSS

Exploits0References5

CVE•added 2003/05/14 4:0 a.m.•64 views

CVE-2003-0282

CVE-2003-0282 affects UnZip 5.50 and earlier and is a directory traversal vulnerability where invalid characters placed between two '.' characters are filtered to produce a '..' sequence, allowing overwriting of arbitrary files during archive extraction. Public references in multiple advisories (...

2.6CVSS6.3AI score0.22526EPSS

Exploits1References15Affected Software1

Debian CVE•added 2003/05/14 4:0 a.m.•26 views

CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

2.6CVSS5.5AI score0.22526EPSS

Exploits1

Tenable Nessus•added 2003/05/09 12:0 a.m.•21 views

PHP Topsites counter.php count_log_file Parameter Arbitrary File Overwrite

The remote host has the cgi 'counter.php' installed. This CGI contains a flaw that can be abused by an attacker to overwrite arbitrary files on the system with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref:...

5.8AI score

Exploits0

NVD•added 2003/05/05 4:0 a.m.•18 views

CVE-2003-0136

psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file...

2.1CVSS6AI score0.0039EPSS

Exploits0References4

OSV•added 2003/05/05 4:0 a.m.•8 views

CVE-2003-0136

psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file...

6AI score

Exploits0References6

Cvelist•added 2003/04/29 4:0 a.m.•18 views

CVE-2003-0221

The 1 dupatch and 2 setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack...

6.6AI score0.00468EPSS

Exploits0References3

Tenable Nessus•added 2003/04/27 12:0 a.m.•189 views

AN HTTPd count.pl Traversal Arbitrary File Overwrite (deprecated)

The remote web server is running a CGI called 'count.pl' which is affected by an directory traversal vulnerability. An attacker could exploit this in order to overwrite any existing file on the remote server, with the privileges of the httpd server. This plugin has been deprecated as it resulted ...

6.8AI score

Exploits0References1

securityvulns•added 2003/04/23 12:0 a.m.•38 views

AN HTTPd Sample Script File Truncation

Product Description AN HTTPd is a relatively small, powerful web server designed for Windows systems. It supports ISAPI, CGI, SSI, and several other powerful technologies such as isolated worker processes usually only seen in production servers. More information on AN HTTPd is available at...

6.9AI score

Exploits0

Packet Storm•added 2003/04/22 12:0 a.m.•30 views

ANHTTPd.txt

7.4AI score

Exploits0

Exploit DB•added 2003/04/22 12:0 a.m.•21 views

AN HTTPD 1.x - Count.pl Directory Traversal

source: https://www.securityfocus.com/bid/7397/info AN HTTPd contains a sample script named count.pl that may be used as a web counter. This script does not perform adequate access validation on paths containing directory traversal ../ character seqences. The vulnerable script may be used to...

7.4AI score

Exploits0

Debian CVE•added 2003/04/15 4:0 a.m.•15 views

CVE-2003-0136

psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file...

2.1CVSS6.1AI score0.0039EPSS

Exploits0

OSV•added 2003/04/14 12:0 a.m.•13 views

DSA-286 gs-common - insecure temporary file

Bulletin has no description...

2.1CVSS6.4AI score0.00308EPSS

Exploits0

OSV•added 2003/04/07 12:0 a.m.•2 views

DSA-279 metrics - insecure temporary file creation

Paul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tools for software metrics. Two scripts in this package, "halstead" and "gather\stats", open temporary files without taking appropriate security precautions. "halstead" is installed as a user program, while "gather\stats"...

7.2AI score

Exploits0

FreeBSD•added 2003/04/03 12:0 a.m.•31 views

cscope -- symlink attack vulnerability

cscope is vulnerable to a symlink attack which could lead to an attacker overwriting arbitrary files with the permissions of the user running cscope...

2.1CVSS2.4AI score0.01145EPSS

Exploits2References3

Cvelist•added 2003/04/02 5:0 a.m.•17 views

CVE-2002-0178

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands...

6.6AI score0.00622EPSS

Exploits0References11

Cvelist•added 2003/04/02 5:0 a.m.•23 views

CVE-2002-0678

CDE ToolTalk database server ttdbserver allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the TTTRANSACTION RPC procedure...

6.2AI score0.09418EPSS

Exploits0References12

Cvelist•added 2003/04/02 5:0 a.m.•21 views

CVE-2002-0887

scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files...

6.5AI score0.00688EPSS

Exploits0References4

Cvelist•added 2003/04/02 5:0 a.m.•19 views

CVE-2001-1378

fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files...

6.2AI score0.00342EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by