
1458 matches found

OSV
added 2013/09/16 7:14 p.m. · 19 views

PYSEC-2013-2

lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when a playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/...

3.3 CVSS · 4.7 AI score · 0.00082 EPSS
Exploits 0 · References 4
UbuntuCve
added 2013/09/16 7:14 p.m. · 22 views

CVE-2013-4260

lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when a playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/...

3.3 CVSS · 7 AI score · 0.00082 EPSS
Exploits 0 · References 2
Debian CVE
added 2013/09/16 7:0 p.m. · 26 views

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

3.3 CVSS · 5.2 AI score · 0.00208 EPSS
Exploits 0
Cvelist
added 2013/09/16 7:0 p.m. · 16 views

CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

6 AI score · 0.00208 EPSS
Exploits 0 · References 6
RedHat Linux
added 2013/09/04 6:7 p.m. · 2 views

cfme: CFME 2.0 multiple zip file upload path traversal vulnerabilities

Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method...

9.4 CVSS · 6 AI score · 0.78463 EPSS
Exploits 4 · References 4
Prion
added 2013/08/29 12:7 p.m. · 12 views

Path traversal

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file...

6.8 CVSS · 7.1 AI score · 0.006 EPSS
Exploits 0 · References 4 · Affected Software 2
ATTACKERKB
added 2013/08/29 12:7 p.m. · 2 views

CVE-2013-5648

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file...

6.8 CVSS · 5.8 AI score · 0.006 EPSS
Exploits 0 · References 6
Cvelist
added 2013/08/29 10:0 a.m. · 13 views

CVE-2013-5648

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file...

6.5 AI score · 0.006 EPSS
Exploits 0 · References 4
PyPA
added 2013/08/17 6:54 a.m. · 4 views

PYSEC-2013-9

pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory...

2.1 CVSS · 6.7 AI score · 0.00085 EPSS
Exploits 0 · References 8 · Affected Software 1
OpenVAS
added 2013/08/16 12:0 a.m. · 19 views

Ubuntu: Security Advisory (USN-1927-1)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

3.3 CVSS · 6.5 AI score · 0.00022 EPSS
Exploits 1 · References 2
Ubuntu
added 2013/08/14 6:57 p.m. · 35 views

USN-1927-1: libimobiledevice vulnerability

Paul Collins discovered that libimobiledevice incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files and access device keys. In the default Ubuntu installation, this issue should be mitigated by the Yama link restrictions...

3.3 CVSS · 5.7 AI score · 0.00022 EPSS
Exploits 1
Tenable Nessus
added 2013/07/05 12:0 a.m. · 30 views

AIX 6.1 TL 8 : tftp (IV42933)

A non-root user can read and overwrite files owned by others including root via tftp client. (C) Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory tftpadvisory.asc...

8.5 CVSS · 5.3 AI score · 0.01244 EPSS
Exploits 0 · References 2
ATTACKERKB
added 2013/05/15 3:36 a.m. · 2 views

CVE-2013-0096

Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."...

6.8 CVSS · 5.8 AI score · 0.41251 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2013/04/20 12:0 a.m. · 24 views

Mandriva Linux Security Advisory : groff (MDVSA-2013:086)

Multiple vulnerabilities have been found and corrected in groff: contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file (CVE-2009-5044). The (1) gendef.sh, (2) doc/fixinfo.sh, and (3)...

3.3 CVSS · 6.7 AI score · 0.00185 EPSS
Exploits 0 · References 4
Cvelist
added 2013/04/09 8:0 p.m. · 41 views

CVE-2012-5635

The GlusterFS functionality in Red Hat Storage Management Console 2.0, Native Client, and Server 2.0 allows local users to overwrite arbitrary files via a symlink attack on multiple temporary files created by (1) tests/volume.rc, (2) extras/hook-scripts/S30samba-stop.sh, and possibly other vectors,...

6.4 AI score · 0.0006 EPSS
Exploits 0 · References 2
Cvelist
added 2013/04/02 10:0 a.m. · 19 views

CVE-2013-2741

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not require that authentication be enabled, which allows remote attackers to obtain sensitive information, or overwrite or delete files, via vectors involving a (1) direct request, (2) step=1 request,...

6.7 AI score · 0.00664 EPSS
Exploits 1 · References 2
Positive Technologies
added 2013/03/15 12:0 a.m. · 6 views

PT-2013-2187 · Apache +1 · Apache Commons Fileupload +1

Name of the Vulnerable Software and Affected Versions: Apache Commons FileUpload versions 1.0 through 1.2.2 Description: The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload uses the /tmp directory for uploaded files, which allows local users to overwrite...

7.5 CVSS · 7.3 AI score · 0.9265 EPSS
Exploits 9 · References 18
ATTACKERKB
added 2013/03/08 9:55 p.m. · 1 views

CVE-2013-0261

A flaw was found in PackStack. A local user could exploit a symlink attack on a temporary file with a predictable name in the /tmp directory. This vulnerability allows the local user to overwrite arbitrary files on the system, potentially leading to system compromise or data corruption...

8.8 CVSS · 5.4 AI score · 0.00117 EPSS
Exploits 0 · References 4
Cvelist
added 2013/03/08 9:0 p.m. · 18 views

CVE-2013-0261 Packstack: packstack: arbitrary file overwrite via symlink attack

A flaw was found in PackStack. A local user could exploit a symlink attack on a temporary file with a predictable name in the /tmp directory. This vulnerability allows the local user to overwrite arbitrary files on the system, potentially leading to system compromise or data corruption...

8.8 CVSS · 6.4 AI score · 0.00117 EPSS
Exploits 0 · References 3
RedHat Linux
added 2013/03/05 8:55 p.m. · 2 views

packstack: insecure use of /tmp in manifest creation

(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

4.4 CVSS · 5.8 AI score · 0.00117 EPSS
Exploits 0 · References 4