CVE-2003-0524

Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on the qtplugins3.0rc temporary file in the .qt directory...

DEBIAN-CVE-2003-0517

faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files...

[SECURITY] [DSA-362-1] New mindi packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 362-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 2nd, 2003 http://www.debian.org/security/faq -...

CVE-2003-0606

sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files...

[SECURITY] [DSA-353-1] New sup packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 353-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 29th, 2003 http://www.debian.org/security/faq -...

DEBIAN-CVE-2003-0381

Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script...

CVE-2003-0367

znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2003-0207

CVE-2003-0207 affects the ps2epsi component in gs-common. The root cause is insecure creation of temporary files when ps2epsi invokes ghostscript, which can allow a local attacker to overwrite arbitrary files. The vulnerability is documented in Debian DSA-286-1 and is reflected in multiple feeds ...

CVE-2002-0174

IRIX nsd symlink vulnerability (CVE-2002-0174): on SGI IRIX versions prior to 6.5.11, nsd can be tricked via a symlink attack on /var/tmp/nsd.dump to damage/modify the dump file when the nsd process receives USR1. Local users could potentially gain root privileges. The advisory fixes/change is to...

CVE-2001-1085

CVE-2001-1085 concerns Lmail 2.7 and earlier. The vulnerability arises from a symlink attack on a temporary file, allowing local users to overwrite arbitrary files. The reports indicate local access is required; impact is partial on confidentiality, integrity, and availability per the provided me...

CVE-2002-0044

CVE-2002-0044 affects GNU Enscript up to version 1.6.1. The vulnerability arises from insecure handling of temporary files (symlink-based attack), enabling local users to overwrite arbitrary files owned by the Enscript user. Public references in Debian DSA-105-1, Mandrake MDKSA-2002:010, and (old...

Multiple vulnerabilities in QNX

I think I found what appears to be several or one fundamental vulnerabilities under QNXtested on version 4.25. I have not found any documentation/reference to these anywhere, so I assume they/it were not known. Importance of the bug: any local user can gain root accesswhich, under QNX, means root...

Caldera OpenServer 5.0.5/5.0.6 - SCOAdmin Symbolic Link

source: https://www.securityfocus.com/bid/4875/info A vulnerability has been reported in the scoadmin utility that may allow a local attacker to overwrite any file. The vulnerability is due to the predictable naming of temporary files used by scoadmin. When writing to temporary files, there are n...

CVE-2002-0137

CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file...

CVE-2001-0774

Tripwire 1.3.1, 2.2.1 and 2.3.0 are vulnerable to a local symlink attack that can overwrite arbitrary files in /tmp and may enable privilege escalation. Root cause: temporary files are opened/created without O_EXCL and with predictable names, allowing a non-privileged local attacker to redirect d...

CVE-1999-1332

gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file...

CVE-2001-1041

CVE-2001-1041 affects Oracle 8.0.x, 8.1.x, and 9.0.1. The vulnerability arises from a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by ORACLE_HOME, enabling local users to overwrite arbitrary files. The root cause is the mishandling of...

script.command.txt

------------------------------------------------------------- Title: Silly hardlink vulnerability in UNIX 'script' command Linux version maintainer: Andries Brouwer [email protected] Bug found by: Marco van Berkum [email protected] Date: 17-12-2001 Priority: low...

CVE-2001-0832

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in 1 the ORACLEHOME/rdbms/log directory or 2 an alternate directory as specified in the ORACLEHOME environmental variable, aka the "Orac...

CVE-2001-0841

Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. dot dot sequences in the amembernamecookie cookie...