CVE-1999-1037

CVE-1999-1037 affects SATAN 1.1.1; a local symlink attack allows a non-privileged user to overwrite arbitrary files via /tmp/rex.$$. This is described in the vulnerability record as rex.satan permits local file overwrite through a symlink race. The connected records confirm the affected product a...

CVE-1999-1332

gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file...

CVE-2001-0627

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack...

CVE-1999-1139

CVE-1999-1139 describes a local privilege escalation in HP-UX 11.0 and earlier via a symlink attack on IOERROR.mytty, allowing local users to overwrite arbitrary files and gain root privileges. Affected component is HP-UX system tooling related to Character-Terminal User Environment (CUE). The co...

CVE-1999-1139

Character-Terminal User Environment CUE in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file...

CVE-1999-1037

rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file...

CVE-2002-0044

GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files...

Maelstrom 1.4.3 abartity file overwrite

Program: Maelstrom Version: 1.4.3 Distribution: RedHat 7.1 When trying to break stuff, ltracing Maelstrom showed the following: fopen"/tmp/f", "w" = 0x08081f58 fprintf0x08081f58, "Main program = sn", "Maelstrom" = 25 fclose0x08081f58 = 0 Which made we wonder if it followed symbolic links, by doin...

CVE-2002-1600

Directory traversal vulnerability in Mike Spice's My Classifieds classifieds.cgi before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter...

[PTL-2002-01] Vulnerabilities in Oracle9iAS Web Cache

PenTest Limited www.pentest-limited.com Security Advisory Vulnerabilities in Oracle9iAS Web Cache Author: Mark Rowe [email protected] Pete Finnigan [email protected] Date: 7th January 2002 Reference: ptl-2002-01...

CVE-2001-1448

Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the 1 mkuserproc, 2 mgrnt, and 3 mgdatasrvr.sc scripts...

CVE-2001-1198

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option...

CVE-2001-1197

klprfaxfilter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file...

CVE-2001-0842

Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. dot dot sequences in the amembernamecookie cookie...

CVE-2001-0809

Vulnerability in CIFS/9000 Server SAMBA A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources...

CVE-2001-0832

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in 1 the ORACLEHOME/rdbms/log directory or 2 an alternate directory as specified in the ORACLEHOME environmental variable, aka the "Orac...

CVE-2001-0841

Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. dot dot sequences in the amembernamecookie cookie...

Microsoft Internet Explorer (IE) calls telnet.exe with unsafe command-line arguments ("Telnet Invocation")

Overview A telnet client can be invoked with unsafe options by arbitrary HTML "web" pages when rendered by affected Microsoft Internet Explorer clients. Description This vulnerability is also known as the "telnet logging" or "telnet invocation" or "Microsoft IE Telnet Client File Overwrite"...

CVE-2001-0809

The CVE-2001-0809 issue affects HP-UX 11.0/11.11 CIFS/9000 Server (SAMBA) prior to patch A.01.06. When configured as a print server, local users can overwrite arbitrary files by modifying certain resources. The vulnerability is documented in HP patch PHNE_24164 (A.01.06) for s700/s800 11.X CIFS/9...

CVE-2001-0832

Root cause: gv on Unix contains a buffer overflow due to an unsafe sscanf usage when parsing PostScript/PDF, enabling local arbitrary-code execution with victim privileges. Exploitation requires user to view a malicious file (PoC exists in historical disclosures); affected versions referenced in ...