Lucene search
K

397 matches found

Gentoo Linux
Gentoo Linux
added 2004/10/09 12:0 a.m.29 views

ed: Insecure temporary file handling

Background ed is a line-oriented text editor, used to create or modify text files, both interactively and via shell scripts. Description ed insecurely creates temporary files in world-writeable directories with predictable names. Given that ed is used in various system shell scripts, they are by...

4.6CVSS6.2AI score0.00392EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/09 12:0 a.m.28 views

GLSA-200410-07 : ed: Insecure temporary file handling

The remote host is affected by the vulnerability described in GLSA-200410-07 ed: Insecure temporary file handling ed insecurely creates temporary files in world-writeable directories with predictable names. Given that ed is used in various system shell scripts, they are by extension affected by t...

4.6CVSS5.6AI score0.00392EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.16 views

Debian DSA-325-1 : eldav - insecure temporary file

eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav. %NASLMINLEVEL 70300 C Tenable Network Security, In...

1.2CVSS5.4AI score0.00253EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.30 views

Debian DSA-188-1 : apache-ssl - several vulnerabilities

According to David Wagner, iDEFENSE and the Apache HTTP Server Project, several vulnerabilities have been found in the Apache package, a commonly used webserver. Most of the code is shared between the Apache and Apache-SSL packages, so vulnerabilities are shared as well. These vulnerabilities cou...

7.5CVSS6.2AI score0.94006EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.25 views

Debian DSA-343-1 : skk, ddskk - insecure temporary file

skk Simple Kana to Kanji conversion program, does not take appropriate security precautions when creating temporary files. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running Emacs and skk. ddskk is derived from the same code, and contains...

4.6CVSS5.7AI score0.00358EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.39 views

Debian DSA-483-1 : mysql - insecure temporary file creation

Two vulnerabilities have been discovered in mysql, a common database system. Two scripts contained in the package don't create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking the MySQL server, which is often the ro...

2.1CVSS5.5AI score0.00604EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.15 views

Debian DSA-323-1 : noweb - insecure temporary files

Jakob Lell discovered a bug in the 'noroff' script included in noweb whereby a temporary file was created insecurely. During a review, several other instances of this problem were found and fixed. Any of these bugs could be exploited by a local user to overwrite arbitrary files owned by the user...

2.1CVSS5.3AI score0.00333EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.29 views

Debian DSA-118-1 : xsane - insecure temporary files

Tim Waugh found several insecure uses of temporary files in the xsane program, which is used for scanning. This was fixed for Debian/stable by moving those files into a securely created directory within the /tmp directory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

5.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.18 views

Debian DSA-202-1 : im - insecure temporary files

Tatsuya Kinoshita discovered that IM, which contains interface commands and Perl libraries for E-mail and NetNews, creates temporary files insecurely. - The impwagent program creates a temporary directory in an insecure manner in /tmp using predictable directory names without checking the return...

2.1CVSS5.5AI score0.00371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.22 views

Debian DSA-305-1 : sendmail - insecure temporary files

Paul Szabo discovered bugs in three scripts included in the sendmail package where temporary files were created insecurely expn, checksendmail and doublebounce.pl. These bugs could allow an attacker to gain the privileges of a user invoking the script including root. %NASLMINLEVEL 70300 C Tenable...

7.2CVSS5.3AI score0.00398EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.25 views

Debian DSA-159-1 : python - insecure temporary files

Zack Weinberg discovered an insecure use of a temporary file in os.execvpe from os.py. It uses a predictable name which could lead execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

4.6CVSS5.6AI score0.00491EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/16 12:0 a.m.39 views

FreeBSD : webmin -- insecure temporary file creation at installation time (199)

The following package needs to be updated: webmin %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgae7b7f6505c711d9b45d000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.4AI score0.00362EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.28 views

GLSA-200405-20 : Insecure Temporary File Creation In MySQL

The remote host is affected by the vulnerability described in GLSA-200405-20 Insecure Temporary File Creation In MySQL The MySQL bug reporting utility mysqlbug creates a temporary file to log bug reports to. A malicious local user with write access to the /tmp directory could create a symbolic li...

2.1CVSS5.4AI score0.00604EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.29 views

GLSA-200404-04 : Multiple vulnerabilities in sysstat

The remote host is affected by the vulnerability described in GLSA-200404-04 Multiple vulnerabilities in sysstat There are two vulnerabilities in the way sysstat handles symlinks: The isag utility, which displays sysstat data in a graphical format, creates a temporary file in an insecure manner...

4.6CVSS5.7AI score0.00392EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/23 12:0 a.m.50 views

FreeBSD : mysql -- mysqlhotcopy insecure temporary file creation (125)

The following package needs to be updated: mysql-scripts %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg0c4d5973f2ab11d89837000c41e2cdad.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.4AI score0.00515EPSS
Exploits0References6
Gentoo Linux
Gentoo Linux
added 2004/07/08 12:0 a.m.30 views

Shorewall : Insecure temp file handling

Background Shorewall is a high level tool for configuring Netfilter, the firewall facility included in the Linux Kernel. Description Shorewall uses temporary files and directories in an insecure manner. A local user could create symbolic links at specific locations, eventually overwriting other...

4.6CVSS6.2AI score0.0034EPSS
Exploits0
securityvulns
securityvulns
added 2004/07/03 12:0 a.m.22 views

[ GLSA 200407-01 ] Esearch: Insecure temp file handling

Gentoo Linux Security Advisory GLSA 200407-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

6.9AI score
Exploits0
Debian
Debian
added 2004/04/06 5:13 p.m.58 views

[SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 477-1 [email protected] http://www.debian.org/security/ Martin Schulze April 6th, 2004 http://www.debian.org/security/faq -...

2.1CVSS5.8AI score0.00342EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/04/06 12:0 a.m.40 views

Multiple vulnerabilities in sysstat

Background sysstat is a package containing a number of performance monitoring utilities for Linux, including sar, mpstat, iostat and sa tools Description There are two vulnerabilities in the way sysstat handles symlinks: 1. The isag utility, which displays sysstat data in a graphical format,...

4.6CVSS6.6AI score0.00392EPSS
Exploits0
FreeBSD
FreeBSD
added 2004/03/25 12:0 a.m.23 views

MySQL insecure temporary file creation (mysqlbug)

Shaun Colley reports that the script mysqlbug' included with MySQL sometimes creates temporary files in an unsafe manner. As a result, an attacker may create a symlink in /tmp so that if another user invokes mysqlbug' and quits without making any changes, an arbitrary file may be overwritten with...

2.1CVSS6.4AI score0.00604EPSS
Exploits0References2
Rows per page
Query Builder