CVE-2002-0759

CVE-2002-0759 affects bzip2 prior to 1.0.2, notably in FreeBSD 4.5 and earlier and OpenLinux 3.1/3.1.1. The issue is that bzip2 does not use the O_EXCL flag to create files during decompression and does not warn if an existing file would be overwritten. This could allow an attacker to overwrite f...

CVE-2002-0157

Nautilus 1.0.4 and earlier are affected by CVE-2002-0157 due to a symlink-attack in the creation of the .nautilus-metafile.xml metadata file. A local attacker can cause overwrites of arbitrary files in a target directory by exploiting an unchecked symlink when Nautilus copies files between direct...

CVE-2002-0157

Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file...

CVE-2001-1378

The CVE-2001-1378 issue affects fetchmailconf in fetchmail prior to 5.7.4, where a symlink attack on temporary files allows local users to overwrite files owned by other users. The root cause is improper handling of temporary files during configuration, enabling a local, non-privileged user to le...

CVE-2002-0169

The CVE-2002-0169 issue concerns the default DocBook stylesheet shipped with Red Hat Linux 6.2–7.2. The insecure option in the stylesheet allowed an untrusted DocBook document to cause file writes outside the current directory by using a full pathname as an element identifier, potentially affecti...

CVE-2002-0178

The CVE-2002-0178 issue affects the uudecode utility in the GNU Sharutils package prior to version 4.2.1, which does not validate the destination filename against pipes or symbolic links. This can allow a local attacker to overwrite files or escalate privileges by decoding into sensitive or open ...

CVE-2002-1502

Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file...

CVE-2002-1514

gdslockmgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "iscinit1.X" temporary file, as demonstrated by modifying the xinetdbd file...

CVE-2002-1512

xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbrudscheck.dd temporary file...

CVE-2002-1516

rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack...

CVE-2002-1550

dumpsmutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown...

CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown...

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...

CVE-2002-1449

CVE-2002-1449 affects eUpload 1.0, where the password.txt file is stored in plaintext under the web document root. This plaintext password file enables remote attackers to overwrite arbitrary files by reading password.txt. The available documents specify the vulnerability and impact but do not pr...

CVE-2003-0086

CVE-2003-0086 affects Samba up to version 2.2.8 and concerns the reg file write path. The issue is a race condition involving chown in the code that writes registration files, allowing a local user to overwrite arbitrary files. Public sources (e.g., Debian, Red Hat, Mandrake advisories) state a f...

CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown...

CVE-2003-0086

The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown...

Samba < 2.2.8 Multiple Vulnerabilities

The remote Samba server, according to its version number, is vulnerable to a remote buffer overflow when receiving specially crafted SMB fragment packets. An attacker needs to be able to access at least one share to exploit this flaw. In addition, it is reported that Samba contains a flaw related...

sshd scp Traversal Arbitrary File Overwrite

You are running OpenSSH 1.2.3, or 1.2. This version has directory traversal vulnerability in scp, it allows a remote malicious scp server to overwrite arbitrary files via a .. dot dot attack. This script was written by Xue Yong Zhi See the Nessus Scripts License for details Changes by Tenable: -...