Lucene search

6860 matches found

Cvelist
added 2001/05/07 4:0 a.m., 27 views

CVE-2001-0169

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib...

AI score: 6.3, EPSS: 0.00861
Exploits: 0, References: 9

Cvelist
added 2001/05/07 4:0 a.m., 21 views

CVE-2000-0890

periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack...

AI score: 6.5, EPSS: 0.00333
Exploits: 0, References: 4

CVE
added 2001/05/07 4:0 a.m., 74 views

CVE-2001-0119

Getty_ps 2.0.7j is affected by a local symlink race that can cause overwriting of arbitrary files in /tmp, potentially impacting files writable by the effective UID (often root). Mandrake/MGK advisories indicate a temporary-file race fix, updating to getty_ps 2.1.0a (or newer) to remediate. CERT ...

CVSS: 1.2, AI score: 6.4, EPSS: 0.00298
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2001/05/07 4:0 a.m., 52 views

CVE-2001-0140

arpwatch 2.1a4 is vulnerable to a local symlink attack that can allow a local user to overwrite arbitrary files in certain configurations. The connected Mandrake advisory MDKSA-2001:002 notes a temporary file race condition and indicates the fix is included in arpwatch version 2.1a10. Affected pr...

CVSS: 1.2, AI score: 6.4, EPSS: 0.00298
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2001/05/07 4:0 a.m., 57 views

CVE-2001-0120

CVE-2001-0120 relates to the shadow-utils package, specifically the useradd component. The vulnerability arises from insecure temporary file handling: useradd creates temporary files in /etc/default with predictable names. If /etc/default is world-writable, an attacker could perform a symbolic-li...

CVSS: 1.2, AI score: 6.4, EPSS: 0.00298
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2001/05/07 4:0 a.m., 54 views

CVE-2001-0116

The CVE concerns gpm 1.19.3 where a race condition allows a local user to exploit predictable /tmp filenames and symlink targets to overwrite/modify files the privileged gpm process uses. This is described in CERT/CC and Mandrake advisories, which note a temporary-file handling flaw; the impact i...

CVSS: 1.2, AI score: 6.4, EPSS: 0.00298
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2001/05/07 4:0 a.m., 66 views

CVE-2001-0142

CVE-2001-0142 affects squid 2.3 and earlier. The issue is a local symlink/race condition that can cause local users to overwrite arbitrary files via temporary file handling in certain configurations. Impact is described as local privilege/content modification without remote access; CVSS reflects ...

CVSS: 1.2, AI score: 6.3, EPSS: 0.00304
Exploits: 0, References: 6, Affected Software: 2

CVE
added 2001/05/07 4:0 a.m., 51 views

CVE-2001-0141

CVE-2001-0141 affects mgetty: multiple sources confirm insecure temporary-file handling that allows local users to overwrite arbitrary files via a symlink attack in certain configurations. Vulnerable in versions before 1.1.24 (Mandrake/MDKSA-2001:009; Debian DSA-011-2 notes patch in 1.1.21-3po...

CVSS: 1.2, AI score: 6.2, EPSS: 0.00317
Exploits: 0, References: 7, Affected Software: 1

Cvelist
added 2001/05/07 4:0 a.m., 22 views

CVE-2001-0059

patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack...

AI score: 6.3, EPSS: 0.00695
Exploits: 0, References: 3

CVE
added 2001/05/07 4:0 a.m., 49 views

CVE-2001-0143

The CVE-2001-0143 issue affects the vpop3d component in the linuxconf package (versions 1.23r and earlier). The root cause is a temporary file race (symlink attack) that local users can exploit to overwrite arbitrary files. Public references in the Mandrake advisory MDKSA-2001:011 confirm the vul...

CVSS: 1.2, AI score: 6.4, EPSS: 0.00339
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2001/05/07 4:0 a.m., 71 views

CVE-2001-0125

CVE-2001-0125 affects exmh 2.2 and earlier, where insecure handling of temporary files in /tmp (e.g., exmhErrorMsg) allows local users to overwrite files via a symlink attack. Connected advisories confirm the issue and note that newer versions (e.g., exmh 2.3.1+) fix the vulnerability by switchin...

CVSS: 1.2, AI score: 6.3, EPSS: 0.00304
Exploits: 0, References: 7, Affected Software: 1

Cvelist
added 2001/05/07 4:0 a.m., 19 views

CVE-2001-0141

mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations...

AI score: 6.2, EPSS: 0.00317
Exploits: 0, References: 7

CVE
added 2001/05/07 4:0 a.m., 90 views

CVE-2001-0169

CVE-2001-0169: The GNU C Library (glibc) fails to verify that libraries loaded via LD_PRELOAD into SUID/SGID processes are also non-SUID/non-SGID when they come from /etc/ld.so.cache, enabling a local user to pre-load a library from /lib or /usr/lib and overwrite privileged files. Documented in ...

CVSS: 2.1, AI score: 6.3, EPSS: 0.00861
Exploits: 0, References: 9, Affected Software: 5

Cvelist
added 2001/05/07 4:0 a.m., 20 views

CVE-2001-0036

KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file...

AI score: 6.3, EPSS: 0.00448
Exploits: 1, References: 4

Cvelist
added 2001/05/07 4:0 a.m., 21 views

CVE-2001-0118

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack...

AI score: 6.4, EPSS: 0.00298
Exploits: 0, References: 4

Cvelist
added 2001/05/07 4:0 a.m., 20 views

CVE-2001-0142

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations...

AI score: 6.2, EPSS: 0.00304
Exploits: 0, References: 6

exploitpack
added 2001/05/07 12:0 a.m., 24 views

Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read

source: https://www.securityfocus.com/bid/2705/info

A1Stats is a CGI product by Drummond Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as...

AI score: 0.1
Exploits: 0

Exploit DB
added 2001/05/07 12:0 a.m., 32 views

Drummond Miles A1Stats 1.0 - 'a1disp3.cgi' Traversal Arbitrary File Read

source: https://www.securityfocus.com/bid/2705/info

A1Stats is a CGI product by Drummond Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as querystrings to the A1Stats script. An attacker can compose a long path...

AI score: 7.4
Exploits: 0

Debian
added 2001/04/26 10:32 p.m., 5 views

[SECURITY] [DSA-053-1] nedit symlink attack

Package: nedit
Problem type: insecure temporary file
Debian-specific: no

The nedit Nirvana editor package as shipped in the non-free section accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code: when printing text it would create a temporary file with the to be printed text a...

AI score: 5.9
Exploits: 0

securityvulns
added 2001/04/20 12:0 a.m., 51 views

Hole in PGP for Windows (ASCII parser)

An .asc file can be configured in such a way that any file will be overwritten when it is parsed...

AI score: 2.4
Exploits: 0, References: 1, Affected Software: 1