CVE-2012-2103

The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names...

Ubuntu: Security Advisory (USN-1543-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-3447

virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...

GLSA-201208-04 : Gajim: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201208-04 Gajim: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Gajim. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially...

CVE-2012-3453

logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files...

CentOS Update for rsync CESA-2011:0999 centos5 x86_64

Check for the Version of rsync OpenVAS Vulnerability Test CentOS Update for rsync CESA-2011:0999 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

PYSEC-2012-39

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

CVE-2012-3361

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

CVE-2012-1906

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

CVE-2011-2722

The senddatatostdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing HPLIP 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file...

CVE-2011-2722

The senddatatostdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing HPLIP 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file...

CVE-2012-2093

src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the gettmpfilename function...

Debian Security Advisory DSA 2451-1 (puppet)

The remote host is missing an update to puppet announced via advisory DSA 2451-1. OpenVAS Vulnerability Test $Id: deb24511.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2451-1 puppet Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Ubuntu: Security Advisory (USN-1419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat...

PYSEC-2012-31

libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat...

Ubuntu: Security Advisory (USN-1305-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-5060

The parmktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

Code injection

The parmktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different...

CVE-2011-4114

The parmktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program. NOTE:...