CVE-2011-4617

virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/...

Directory traversal

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...

CVE-2011-4596

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...

Directory traversal

Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . dot characters in a pathname that is used for a file transfer in an Internet game...

CVE-2011-3616

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf...

CVE-2011-3171

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors...

CVE-2011-3869

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

CVE-2011-3869

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

CVE-2011-3869

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file...

Ubuntu: Security Advisory (USN-1235-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-201110-08 : feh: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201110-08 feh: Multiple vulnerabilities Multiple vulnerabilities have been discovered in feh. Please review the CVE identifiers referenced below for details. Impact : A malicious entity might entice a user to visit a URL using the...

feh: Multiple vulnerabilities

Background feh is a fast, lightweight imageviewer using imlib2. Description Multiple vulnerabilities have been discovered in feh. Please review the CVE identifiers referenced below for details. Impact A malicious entity might entice a user to visit a URL using the --wget-timestamp option, thus...

USN-1217-1: Puppet vulnerability

Kristian Erik Hermansen discovered a directory traversal vulnerability in the SSLFile indirection base class. A remote attacker could exploit this to overwrite files with the privileges of the Puppet Master...

StudioLine Photo Basic 3.70.34.0 Insecure Method

Vulnerability ID: HTB23024 Reference: http://www.htbridge.ch/advisory/studiolinephotobasic3activexcontrolinsecuremethod.html Product: StudioLine Photo Basic 3 Vendor: H&M Software http://studioline.biz Vulnerable Version: 3.70.34.0 and probably prior Tested on: 3.70.34.0 Vendor Notification: 15...

CVE-2011-2185

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on 1 a /tmp/fab..tar file or 2 certain other files in the top level of /tmp/...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : logrotate vulnerabilities (USN-1172-1)

It was discovered that logrotate incorrectly handled the creation of new log files. Local users could possibly read log files if they were opened before permissions were in place. This issue only affected Ubuntu 8.04 LTS. CVE-2011-1098 It was discovered that logrotate incorrectly handled certain...

CVE-2011-2664

CVE-2011-2664 concerns a post-installation/installation-time vulnerability in Check Point’s Multi-Domain Management / Provider-1 and related SmartCenter components. An unprivileged local user can overwrite arbitrary files via a symlink-related weakness in a post-install script used to generate th...

CVE-2009-5079

The 1 gendef.sh, 2 doc/fixinfo.sh, and 3 contrib/gdiffmk/tests/runtests.in scripts in GNU troff aka groff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro.tmp or /tmp/ temporary file...

CVE-2011-2533

The configure script in D-Bus aka DBus 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/...

CVE-2011-2533

The configure script in D-Bus aka DBus 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/...