6860 matches found

CVE
added 2001/09/12 4:0 a.m., 52 views

CVE-1999-1013

CVE-1999-1013 affects AIX 4.1.5 and 4.2.1 via the named-xfer component. A flaw allows members of the system group to overwrite system files and gain root access by abusing the -f parameter together with a malformed zone file. Root cause is improper validation of file operations and zone-file pars...

7.2 CVSS | 7.2 AI score | 0.00474 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2001/09/12 4:0 a.m., 23 views

CVE-1999-1495

xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file...

6.3 AI score | 0.00486 EPSS
Exploits: 1 | References: 3

Cvelist
added 2001/09/12 4:0 a.m., 24 views

CVE-1999-1013

named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file...

6.7 AI score | 0.00474 EPSS
Exploits: 1 | References: 2

CVE
added 2001/09/12 4:0 a.m., 55 views

CVE-1999-1388

The CVE-1999-1388 entry concerns SunOS 4.1.x, where the passwd utility is vulnerable to a local symlink attack via the -F command line argument. This allows local users to overwrite arbitrary files, due to the underlying symlink race condition in passwd. The affected component is the passwd progr...

6.2 CVSS | 7.2 AI score | 0.00399 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

CVE
added 2001/09/12 4:0 a.m., 52 views

CVE-1999-1517

CVE-1999-1517 concerns runtar in the Amanda backup system on UNIX-like OSes. The vulnerable component runs tar with root privileges, enabling a local attacker to overwrite or read arbitrary files by specifying target files to runtar. The CVSS-based notes indicate local access, no authentication, ...

7.2 CVSS | 6.9 AI score | 0.00478 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2001/09/12 4:0 a.m., 18 views

CVE-1999-1299

rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file...

6.7 AI score | 0.0184 EPSS
Exploits: 0 | References: 1

NVD
added 2001/09/08 4:0 a.m., 17 views

CVE-2001-1101

The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via...

6.4 CVSS | 6.3 AI score | 0.01473 EPSS
Exploits: 0 | References: 3

NVD
added 2001/09/08 4:0 a.m., 12 views

CVE-2001-1102

Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable...

6.2 CVSS | 6.4 AI score | 0.00299 EPSS
Exploits: 0 | References: 3

securityvulns
added 2001/09/08 12:0 a.m., 57 views

Bug in remote GUI access in CheckPoint Firewall

There is a bug in how the desktop GUI for managing a CheckPoint firewall handles log viewer saves. Regardless of the type of user defined for GUI access, the user can save the file to any directory they wish as well as a few other things. This has been verified from ver. 3.0b through ver. 4.1 SP2...

7.4 AI score
Exploits: 0

securityvulns
added 2001/09/08 12:0 a.m., 44 views

Symlinks in Check Point (symbolic links)

Any file can be overwritten with user-supplied data...

0.9 AI score
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2001/08/31 4:0 a.m., 15 views

CVE-2001-1066

ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack...

2.1 CVSS | 6.4 AI score | 0.00331 EPSS
Exploits: 0 | References: 4

Cvelist
added 2001/08/29 4:0 a.m., 20 views

CVE-2001-0642

Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file...

6.3 AI score | 0.00491 EPSS
Exploits: 1 | References: 2

NVD
added 2001/08/22 4:0 a.m., 13 views

CVE-2001-0625

ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log...

7.2 CVSS | 6.4 AI score | 0.00423 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2001/07/29 12:0 a.m., 29 views

Sambar Server pagecount CGI Traversal Arbitrary File Overwrite

By default, Sambar Web Server ships with a pagecount script located at http://sambarserver/session/pagecount. This counter writes its temporary files in c:\sambardirectory\tmp. Because the 'page' parameter is not checked against '../../' attacks, it allows any file on the filesystem to be overwritten...

5 CVSS | 5.5 AI score | 0.0702 EPSS
Exploits: 1 | References: 2

Cvelist
added 2001/07/27 4:0 a.m., 17 views

CVE-2001-0605

Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld skins-data file which contains long strings of random data...

6.7 AI score | 0.01366 EPSS
Exploits: 0 | References: 1

CVE
added 2001/07/27 4:0 a.m., 41 views

CVE-2001-0556

The CVE describes a local arbitrary-file overwrite vulnerability in Nirvana Editor (NEdit) 5.1.1 and earlier, caused by symlink/insecure temporary file handling when printing (affecting backup and temp files).

7.2 CVSS | 6.2 AI score | 0.00517 EPSS
Exploits: 1 | References: 7 | Affected Software: 1

exploitpack
added 2001/07/22 12:0 a.m., 14 views

Sambar Server 4.45.0 - pagecount File Overwrite

source: https://www.securityfocus.com/bid/3091/info Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems. Sambar WWW Server is bundled with a sample script 'pagecount' which creates temporary files on the host. However...

0.1 AI score
Exploits: 0

Exploit DB
added 2001/07/22 12:0 a.m., 29 views

Sambar Server 4.4/5.0 - 'pagecount' File Overwrite

source: https://www.securityfocus.com/bid/3091/info Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems. Sambar WWW Server is bundled with a sample script 'pagecount' which creates temporary files on the host. However, it is possible for a remote attacker to craft ...

7.4 AI score
Exploits: 0

NVD
added 2001/07/12 4:0 a.m., 22 views

CVE-2001-1268

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename...

2.1 CVSS | 9.3 AI score | 0.0067 EPSS
Exploits: 1 | References: 4

NVD
added 2001/07/12 4:0 a.m., 16 views

CVE-2001-1271

Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames...

2.1 CVSS | 6.6 AI score | 0.00579 EPSS
Exploits: 1 | References: 2