1462 matches found
CVE-2001-0109
CVE-2001-0109 affects SuSE 7.0 and earlier, where the component rctab can be manipulated by a local user through a symlink attack on the temporary file rctmp , allowing creation or overwriting of arbitrary files. The vulnerability is due to insecure handling of temporary files leading to local pr...
CVE-2001-0138
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack...
CVE-2000-0992
CVE-2000-0992 is linked to a directory traversal vulnerability in scp for OpenSSH, with the SUSE page noting OpenSSH before 3.4p1 and that this may be a rediscovery of CVE-2000-0992. The connected documents do not provide full technical details (exact affected versions, root cause specifics, or a...
CVE-2000-0702
The CVE-2000-0702 issue affects HP-UX 11.00 (S008net.init) where the net.init rc script could be abused by a local user via a symlink attack from /tmp/stcp.conf to a targeted file, allowing overwriting of arbitrary files. The vulnerability is local and affects file integrity and confidentiality (...
CVE-2000-1134
Multiple shell programs on various Unix systems, including 1 tcsh, 2 csh, 3 sh, and 4 bash, follow symlinks when processing redirects aka here-documents or in-here documents, which allows local users to overwrite files of other users via a symlink attack...
PT-2000-1902 · Openssh +1 · Sshd +1
Name of the Vulnerable Software and Affected Versions: sshd versions 1.2.xx Description: A directory traversal issue in the scp component of sshd allows a remote malicious scp server to overwrite arbitrary files using a .. dot dot attack. Recommendations: For sshd versions 1.2.xx, consider...
Solaris 2.x7.08 - Catman Race Condition (1)
Solaris 2.x7.08 - Catman Race Condition 1 source: https://www.securityfocus.com/bid/2149/info catman is a utility for creating preformatted man pages, distributed as part of the Solaris Operating Environment. A problem exists which could allow local users to overwrite or corrupt files owned by...
FreeBSD-SA-00:71.mgetty
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:71 Security Advisory FreeBSD, Inc. Topic: mgetty can create or overwrite files Category: ports Module: mgetty Announced: 2000-11-20 Credits: Stan Bubrouski Affects: Ports...
HP-UX 11.0010.20 crontab - Overwrite Files
HP-UX 11.0010.20 crontab - Overwrite Files !/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e ...
CVE-2000-0468
CVE-2000-0468 affects HP-UX 10.20 and 11, where a local attacker can overwrite files via a symbolic link attack. The entry indicates local access with low complexity and partial confidentiality/integrity/availability impact (CVSS v2 base 4.6). The connected documents corroborate the description b...
HP-UX 11.0 - net.init RC Script
source: https://www.securityfocus.com/bid/1602/info A vulnerability exists in HP-UX, from Hewlett Packard, under certain configurations. Version 11.0 is confirmed to have this problem; other versions may also be susceptible. If the CLEARTMP option in /etc/rc.config.d is set to 1, meaning enabled,...
HP-UX 11.0 - net.init RC Script
HP-UX 11.0 - net.init RC Script source: https://www.securityfocus.com/bid/1602/info A vulnerability exists in HP-UX, from Hewlett Packard, under certain configurations. Version 11.0 is confirmed to have this problem; other versions may also be susceptible. If the CLEARTMP option in /etc/rc.config...
CVE-1999-0743
Technical details (affected software, versions, root cause, fixes) are not publicly available in the provided documents. Monitor for updates from the listed sources (Red Hat, NVD, CVE listings) for more precise guidance.
CVE-1999-1332
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file...
PT-1999-1699 · Perl · Perl
Name of the Vulnerable Software and Affected Versions: Perl versions 5.004 04 and earlier Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file when Perl is run with the -e option. This is due to Perl following symbolic links...
CVE-1999-0133
The CVE-1999-0133 issue affects the fm_fls license server used with Adobe Framemaker, where local users can overwrite arbitrary files and subsequently gain root access. This is described consistently across multiple connected records (Red Hat and CVE records), with no explicit version details pro...
CVE-1999-1352
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges...
CVE-1999-0743
Trn allows local users to overwrite other users' files via symlinks...
PT-1999-1308 · Debian · Man-Db
Name of the Vulnerable Software and Affected Versions: man-db affected versions not specified Description: The issue allows local users to overwrite files via a symlink attack using the zsoelim program in the Debian man-db package. Recommendations: At the moment, there is no information about a...
PT-1999-1108 · Netscape · Netscape
Name of the Vulnerable Software and Affected Versions: Netscape version 4.5 Description: The issue allows a local user to overwrite arbitrary files of another user whose Netscape crashes. This is related to the talkback feature in Netscape. Recommendations: For Netscape version 4.5, consider...