1462 matches found
GLSA-200411-17 : mtink: Insecure tempfile handling
The remote host is affected by the vulnerability described in GLSA-200411-17 mtink: Insecure tempfile handling Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files. Impact : A local attacker could create symbolic links in the temporary files directory...
GLSA-200410-19 : glibc: Insecure tempfile handling in catchsegv script
The remote host is affected by the vulnerability described in GLSA-200410-19 glibc: Insecure tempfile handling in catchsegv script The catchsegv script creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the...
security flaw
The mysqldmulti script in MySQL allows local users to overwrite arbitrary files via a symlink attack...
CVE-2002-1366
Common Unix Printing System CUPS 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream...
CVE-2003-0120
adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name...
CVE-2002-1550
dumpsmutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2002-1502
Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file...
GLSA-200407-07 : Shorewall : Insecure temp file handling
The remote host is affected by the vulnerability described in GLSA-200407-07 Shorewall : Insecure temp file handling Shorewall uses temporary files and directories in an insecure manner. A local user could create symbolic links at specific locations, eventually overwriting other files on the...
CVE-2004-0423
The logevent function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file...
CVE-2004-0175
CVE-2004-0175 is a directory traversal via scp in OpenSSH prior to 3.4p1, enabling a remote server to overwrite arbitrary files on the client. Root cause is improper path handling in scp. Affected product: OpenSSH (scp component). Impact: allows remote file overwrites. Mitigation: upgrade to Open...
CVE-2004-0473
Opera before 7.50 has an argument injection in its telnet URI handler: leading '-' in the telnet host name is not filtered, allowing remote attackers to pass options to the telnet program and overwrite files. The Gentoo GLSA and related advisories describe two concrete outcomes: creation or trunc...
CVE-2004-0381
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file...
CVE-2004-0388
The mysqldmulti script in MySQL allows local users to overwrite arbitrary files via a symlink attack...
CVE-2004-0108
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107...
CVE-2004-0108
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107...
DEBIAN-CVE-2004-0108
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107...
security flaw
The 1 post and 2 trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108...
CVE-2004-0058
Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pidantivir$$ temporary file...
SuSE Linux 9.0 - YaST Configuration Skribt Overwrite Files
include include include define PATH "/tmp/tmp.SuSEconfig.gnome-filesystem." define START 1 define END 33000 int mainint argc, char argv int i; char buf150; printf"\tSuSE 9.0 YaST script SuSEconfig.gnome-filesystem exploit\n"; printf"\t-------------------------------------------------------------...
CVE-2003-0656
eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile...