Lucene search
K

397 matches found

OSV
OSV
added 2005/02/14 12:0 a.m.25 views

DSA-679-1 toolchain-source - insecure temporary files

Bulletin has no description...

4.6CVSS6.2AI score0.00391EPSS
Exploits0
securityvulns
securityvulns
added 2005/02/12 12:0 a.m.30 views

insecure temporary file creation in kdelibs 3.3.2

The dcopidlng' script in the KDE library package kdelibs-3.3.2/dcop/dcopidlng/dcopidlng creates temporary files in a unsecure manner. This bug has been fixed in 32 minutes ! by Stephan Kulow, the KDE team leader. Here you can found the official patch: http://bugs.kde.org/showbug.cgi?id=97608 Note...

Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/10 12:0 a.m.40 views

Mandrake Linux Security Advisory : perl (MDKSA-2005:031)

Jeroen van Wolffelaar discovered that the rmtree function in the perl File::Path module would remove directories in an insecure manner which could lead to the removal of arbitrary files and directories via a symlink attack CVE-2004-0452. Trustix developers discovered several insecure uses of...

4.6CVSS8.4AI score0.01315EPSS
Exploits2References4
Gentoo Linux
Gentoo Linux
added 2005/02/01 12:0 a.m.22 views

FireHOL: Insecure temporary file creation

Background FireHOL is an iptables rules generator. Description FireHOL insecurely creates temporary files with predictable names. Impact A local attacker could create malicious symbolic links to arbitrary system files. When FireHOL is executed, this could lead to these files being overwritten wit...

2.1CVSS6.4AI score0.00348EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/01/30 12:0 a.m.27 views

f2c: Insecure temporary file creation

Background f2c is a Fortran to C translator. Portage uses this package in some ebuilds to build Fortran sources. Description Javier Fernandez-Sanguino Pena from the Debian Security Audit Team discovered that f2c creates temporary files in world-writeable directories with predictable names. Impact...

2.1CVSS6.1AI score0.00352EPSS
Exploits0
Debian
Debian
added 2005/01/27 1:43 p.m.72 views

[SECURITY] [DSA 661-1] New f2c packages fix insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 661-1 [email protected] http://www.debian.org/security/ Martin Schulze January 27th, 2005 http://www.debian.org/security/faq -...

2.1CVSS0.3AI score0.00364EPSS
Exploits0
FreeBSD
FreeBSD
added 2005/01/27 12:0 a.m.21 views

f2c -- insecure temporary files

Javier Fernández-Sanguino Peña reports two temporary file vulnerability within f2c. The vulnerabilities are caused due to weak temporary file handling. An attacker could create an symbolic link, causing a local user running f2c to overwrite the symlinked file. This could give the attacker elevate...

2.1CVSS6.2AI score0.00352EPSS
Exploits0
OSV
OSV
added 2005/01/25 12:0 a.m.12 views

DSA-658-1 libdbi-perl - insecure temporary file

Bulletin has no description...

2.1CVSS6.3AI score0.00412EPSS
Exploits0
securityvulns
securityvulns
added 2005/01/22 12:0 a.m.37 views

[SA13933] Ghostscript Various Scripts Insecure Temporary File Creation

TITLE: Ghostscript Various Scripts Insecure Temporary File Creation SECUNIA ADVISORY ID: SA13933 VERIFY ADVISORY: http://secunia.com/advisories/13933/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Ghostscript 8.x http://secunia.com/product/4550/ DESCRIPTION:...

1.1AI score
Exploits0
FreeBSD
FreeBSD
added 2005/01/21 12:0 a.m.26 views

kdelibs -- insecure temporary file creation

Davide Madrisan reports: The dcopidlng' script in the KDE library package kdelibs-3.3.2/dcop/dcopidlng/dcopidlng creates temporary files in a unsecure manner. Note: dcopidlng is only used at build time, so only users installing KDE are vulnerable, not users already running KDE...

2.1CVSS6.4AI score0.00412EPSS
Exploits0References2
Debian
Debian
added 2005/01/19 11:46 a.m.45 views

[SECURITY] [DSA 647-1] New mysql packages fix insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 647-1 [email protected] http://www.debian.org/security/ Martin Schulze January 19th, 2005 http://www.debian.org/security/faq -...

4.6CVSS0.2AI score0.00594EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/01/19 2:5 a.m.67 views

USN-63-1: MySQL client vulnerability

Javier Fernández-Sanguino Peña noticed that the "mysqlaccess" program created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

4.6CVSS7AI score0.00594EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/01/19 12:0 a.m.25 views

Debian DSA-647-1 : mysql - insecure temporary files

Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered a temporary file vulnerability in the mysqlaccess script of MySQL that could allow an unprivileged user to let root overwrite arbitrary files via a symlink attack and could also could unveil the contents of a tempora...

4.6CVSS6.8AI score0.00594EPSS
Exploits0References2
Debian
Debian
added 2005/01/12 2:26 p.m.26 views

[SECURITY] [DSA 636-1] New libc6 packages fix insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 636-1 [email protected] http://www.debian.org/security/ Martin Schulze January 12th, 2005 http://www.debian.org/security/faq -...

2.1CVSS6.3AI score0.00394EPSS
Exploits0
OSV
OSV
added 2005/01/12 12:0 a.m.27 views

DSA-636-1 glibc - insecure temporary files

Bulletin has no description...

2.1CVSS6.3AI score0.00394EPSS
Exploits0
securityvulns
securityvulns
added 2005/01/07 12:0 a.m.28 views

[SA13725] Apache mod_dosevasive Insecure Temporary File Creation

TITLE: Apache moddosevasive Insecure Temporary File Creation SECUNIA ADVISORY ID: SA13725 VERIFY ADVISORY: http://secunia.com/advisories/13725/ CRITICAL: Not critical IMPACT: Manipulation of data, Privilege escalation WHERE: Local system SOFTWARE: moddosevasive 1.x module for Apache...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/01/04 12:0 a.m.27 views

[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 622-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2005 http://www.debian.org/security/faq -...

4.6CVSS0.4AI score0.0034EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/01/04 12:0 a.m.41 views

a2ps: Multiple vulnerabilities

Background a2ps is an Any to Postscript filter that can convert to Postscript from many filetypes. fixps is a script that fixes errors in Postscript files. psmandup produces a Postscript file for printing in manual duplex mode. Description Javier Fernandez-Sanguino Pena discovered that the a2ps...

10CVSS1.8AI score0.15981EPSS
Exploits1
Debian
Debian
added 2005/01/03 10:4 a.m.28 views

[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 622-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2005 http://www.debian.org/security/faq -...

4.6CVSS0.4AI score0.0034EPSS
Exploits0
Debian
Debian
added 2005/01/03 10:4 a.m.41 views

[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 622-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2005 http://www.debian.org/security/faq -...

4.6CVSS6.9AI score0.0034EPSS
Exploits0
Rows per page
Query Builder