1490 matches found
CVE-2001-0556
The Nirvana Editor NEdit 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on 1 backup files or 2 temporary files used when nedit prints a file or portions of a file...
CVE-2001-0417
The CVE-2001-0417 entry concerns Kerberos 4 (krb4) where local users can overwrite arbitrary files via a symlink attack on new ticket files. The connected records corroborate a local-privilege impact vector with a partial integrity impact, and a low overall CVSS score (2.1/10, AV:L/AC:L/Au:N/I:P/...
CVE-2001-0109
CVE-2001-0109 affects SuSE 7.0 and earlier, where the component rctab can be manipulated by a local user through a symlink attack on the temporary file rctmp , allowing creation or overwriting of arbitrary files. The vulnerability is due to insecure handling of temporary files leading to local pr...
CVE-2001-0117
CVE-2001-0117 concerns diffutils’ sdiff 2.7, where sdiff creates temporary files insecurely, enabling a local user to overwrite files via a symlink attack. The issue affects diffutils in affected distributions (e.g., Red Hat advisories note a temporary-file handling vulnerability in sdiff). Explo...
CVE-2001-0222
CVE-2001-0222 affects Webmin 0.84 and earlier. The vulnerability is a local, file-overwrite via a symlink attack, enabling local users to create or overwrite arbitrary files on the system. The available sources (NVD/CVE listing and Nessus plugin linking CVE-2001-0222 with Webmin 0.85+ family) con...
CVE-2001-0118
CVE-2001-0118 affects rdist 6.1.5 and describes a local vulnerability where an attacker can overwrite arbitrary files via a symlink attack. The Connected documents corroborate the issue as a local symlink-based overwrite vulnerability. No specific remediation, affected versions beyond 6.1.5, expl...
CVE-2001-0059
CVE-2001-0059 : Solaris’s patchadd is vulnerable to a local symlink attack that allows a local user to overwrite arbitrary files. This affects the patchadd utility used on Solaris, with a CVSSv2 base score of 6.2 (MEDIUM) and an impact of Confidentiality=Complete, Integrity=Complete, Availability...
CVE-2001-0140
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations...
CVE-2001-0069
CVE-2001-0069 affects the Debian GNU/Linux package dialog prior to version 0.9a-20000118-3bis. The vulnerability is a symlink attack that allows a local user to overwrite arbitrary files. The issue arises from a race condition involving symlinks, enabling manipulation of file targets by a non-pri...
CVE-2001-0138
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack...
CVE-2000-0992
CVE-2000-0992 is linked to a directory traversal vulnerability in scp for OpenSSH, with the SUSE page noting OpenSSH before 3.4p1 and that this may be a rediscovery of CVE-2000-0992. The connected documents do not provide full technical details (exact affected versions, root cause specifics, or a...
CVE-2000-0702
The CVE-2000-0702 issue affects HP-UX 11.00 (S008net.init) where the net.init rc script could be abused by a local user via a symlink attack from /tmp/stcp.conf to a targeted file, allowing overwriting of arbitrary files. The vulnerability is local and affects file integrity and confidentiality (...
CVE-2000-1134
Multiple shell programs on various Unix systems, including 1 tcsh, 2 csh, 3 sh, and 4 bash, follow symlinks when processing redirects aka here-documents or in-here documents, which allows local users to overwrite files of other users via a symlink attack...
PT-2000-1902 · Openssh +1 · Sshd +1
Name of the Vulnerable Software and Affected Versions: sshd versions 1.2.xx Description: A directory traversal issue in the scp component of sshd allows a remote malicious scp server to overwrite arbitrary files using a .. dot dot attack. Recommendations: For sshd versions 1.2.xx, consider...
Solaris 2.x7.08 - Catman Race Condition (1)
Solaris 2.x7.08 - Catman Race Condition 1 source: https://www.securityfocus.com/bid/2149/info catman is a utility for creating preformatted man pages, distributed as part of the Solaris Operating Environment. A problem exists which could allow local users to overwrite or corrupt files owned by...
FreeBSD-SA-00:71.mgetty
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:71 Security Advisory FreeBSD, Inc. Topic: mgetty can create or overwrite files Category: ports Module: mgetty Announced: 2000-11-20 Credits: Stan Bubrouski Affects: Ports...
HP-UX 11.0010.20 crontab - Overwrite Files
HP-UX 11.0010.20 crontab - Overwrite Files !/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e ...
CVE-2000-0468
CVE-2000-0468 affects HP-UX 10.20 and 11, where a local attacker can overwrite files via a symbolic link attack. The entry indicates local access with low complexity and partial confidentiality/integrity/availability impact (CVSS v2 base 4.6). The connected documents corroborate the description b...
HP-UX 11.0 - net.init RC Script
HP-UX 11.0 - net.init RC Script source: https://www.securityfocus.com/bid/1602/info A vulnerability exists in HP-UX, from Hewlett Packard, under certain configurations. Version 11.0 is confirmed to have this problem; other versions may also be susceptible. If the CLEARTMP option in /etc/rc.config...
HP-UX 11.0 - net.init RC Script
source: https://www.securityfocus.com/bid/1602/info A vulnerability exists in HP-UX, from Hewlett Packard, under certain configurations. Version 11.0 is confirmed to have this problem; other versions may also be susceptible. If the CLEARTMP option in /etc/rc.config.d is set to 1, meaning enabled,...