1462 matches found
CVE-2005-2032
Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files...
CVE-2002-1737
CVE-2002-1737 affects Astaro Security Linux 2.016, where a flaw allows local users to overwrite arbitrary files due to creation of world-writable files and directories. The root cause is insufficient permission controls on created files/dirs, enabling local escalation. Impact is local confidentia...
CVE-2001-1487
popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option...
CVE-2005-1879
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget...
CVE-2004-2097
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by...
qpopper -- multiple privilege escalation vulnerabilities
Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges so that user supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files...
security flaw
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992...
CVE-2004-2014
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded...
DEBIAN-CVE-2005-0077
The DBI library libdbi-perl for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file...
CVE-2005-0796
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in the votefilename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory...
CVE-2005-0991
RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files...
KLA10294 WLF vulnerability in Pine
A race condition was found in Pine. By exploiting this vulnerability, malicious users can overwrite arbitrary files. This vulnerability can be exploited locally via a symlink attack. Related products: Pine. CVE list: CVE-2005-1066 (warning). Solution: Update to latest version. Impact...
GLSA-200504-25 : Rootkit Hunter: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200504-25 (Rootkit Hunter: Insecure temporary file creation). Sune Kloppenborg Jeppesen and Tavis Ormandy of the Gentoo Linux Security Team have reported that the checkupdate.sh script and the main rkhunter script insecurely create...
CVE-2001-1448
CVE-2001-1448 affects Magic eDeveloper Enterprise Edition 8.30-5 and earlier. The vulnerability arises from local file overwrites and potential code execution via a symlink attack on temporary files created by the scripts (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc. The described impact is l...
CVE-2004-1181
htmlheadline before 21.8 allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2005-0004
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files...
portupgrade -- insecure temporary file handling vulnerability
Simon L. Nielsen discovered that portupgrade handles temporary files in an insecure manner. This could allow an unprivileged local attacker to execute arbitrary commands or overwrite arbitrary files with the permissions of the user running portupgrade, typically root, by way of a symlink attack...