157 matches found
CVE-2002-1508
slapd in OpenLDAP2 OpenLDAP 2 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests...
CVE-2003-0014
gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2002-1344
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing 1 /absolute/path or 2 .. dot dot sequences...
Mike Spice's Vote does not adequately validate user input
Overview Mike Spice's Vote does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Vote to overwrite any file on the server to which the web server process has write privileges. Description Mike Spice's Vote is a CGI script written in Perl and...
scrollkeeper.txt
------------------------------------------------------------------------- Release date : September 2 2002 Author : Spybreak [email protected] Package : Scrollkeeper Version : 0.3.4, 0.3.11 Severity : Medium to High Vendor homepage : scrollkeeper.sourceforge.net Status : vendor contacted Problem :...
FreeBSD-SA-02:25.bzip2
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:25 Security Advisory The FreeBSD Project Topic: bzip2 contains multiple security vulnerabilities Category: core/ports Module: bzip2 Announced: 2002-05-20 Credits: Volker...
CVE-2001-1448
Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the 1 mkuserproc, 2 mgrnt, and 3 mgdatasrvr.sc scripts...
CVE-2001-0809
Vulnerability in CIFS/9000 Server SAMBA A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources...
CVE-1999-1517
CVE-1999-1517 concerns runtar in the Amanda backup system on UNIX-like OSes. The vulnerable component runs tar with root privileges, enabling a local attacker to overwrite or read arbitrary files by specifying target files to runtar. The CVSS-based notes indicate local access, no authentication, ...
Bug in remote GUI access in CheckPoint Firewall
There is a bug in how the desktop GUI for managing a CheckPoint firewall handles log viewer saves. Regardless of the type of user defined for GUI access, the user can save the file to any directory they wish as well as a few other things. This has been verified from ver. 3.0b through ver. 4.1 SP2...
Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read source: https://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as...
Advisory: exmh symlink vulnerability
Author: Stan Bubrouski [email protected] Date: December 31, 2000 Package: exmh Versions affected: 2.2 and probably previous versions. Severity: A malicious local user could use a symlink attack to overwrite any file writable by the user executing exmh. Problem: When exmh detects a problem at start...
FreeBSD-SA-00:76.tcsh-csh
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:76 Security Advisory FreeBSD, Inc. Topic: tcsh/csh creates insecure temporary file Category: core, ports Module: tcsh, 44bsd-csh Announced: 2000-11-20 Affects: FreeBSD...
OpenSSH 1.2 - '.scp' File Create/Overwrite
source: https://www.securityfocus.com/bid/1742/info A vulnerability exists in the 1.2.x releases of scp which, if properly exploited using a modified scp binary on the server end, can permit the remote server to spoof local pathnames and overwrite files belonging to the local user. For example,...
ld.so bug - LD_DEBUG_OUTPUT follows symlinks
Hi, ld.so from glibc2 doesn't unset variables LDDEBUGOUTPUT and LDDEBUG when running suid. If program calls setuid0 and then fork, child process will follow prepared symlink $LDDEBUGOUTPUT.$pid and overwrites any file in system. Jakub Vlasek...
solaris7.ff.core.txt
Date: Wed, 7 Apr 1999 22:11:03 -0700 From: Russell Van Tassell To: [email protected] Subject: Solaris7 and ff.core Forgive me as I just started playing with Solaris 7 and don't recall seeing this yet posted to Bugtraq. It would appear as though an old bug with the OpenWeirdos File Mangler has...
CVE-1999-0096
Sendmail decode alias can be used to overwrite sensitive files...