Lucene search
K

157 matches found

Cvelist
Cvelist
added 2003/02/11 5:0 a.m.32 views

CVE-2002-1508

slapd in OpenLDAP2 OpenLDAP 2 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests...

6.2AI score0.00336EPSS
Exploits0References5
NVD
NVD
added 2003/01/11 5:0 a.m.19 views

CVE-2003-0014

gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...

4.6CVSS6.2AI score0.0036EPSS
Exploits0References7
NVD
NVD
added 2002/12/18 5:0 a.m.20 views

CVE-2002-1344

Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing 1 /absolute/path or 2 .. dot dot sequences...

5CVSS6.4AI score0.04249EPSS
Exploits0References17
CERT
CERT
added 2002/09/18 12:0 a.m.15 views

Mike Spice's Vote does not adequately validate user input

Overview Mike Spice's Vote does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Vote to overwrite any file on the server to which the web server process has write privileges. Description Mike Spice's Vote is a CGI script written in Perl and...

6.9AI score
Exploits0References3
Packet Storm
Packet Storm
added 2002/09/04 12:0 a.m.37 views

scrollkeeper.txt

------------------------------------------------------------------------- Release date : September 2 2002 Author : Spybreak [email protected] Package : Scrollkeeper Version : 0.3.4, 0.3.11 Severity : Medium to High Vendor homepage : scrollkeeper.sourceforge.net Status : vendor contacted Problem :...

2.1CVSS6.5AI score0.00393EPSS
Exploits1
FreeBSD Advisory
FreeBSD Advisory
added 2002/05/20 12:0 a.m.5 views

FreeBSD-SA-02:25.bzip2

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:25 Security Advisory The FreeBSD Project Topic: bzip2 contains multiple security vulnerabilities Category: core/ports Module: bzip2 Announced: 2002-05-20 Credits: Volker...

5.8AI score
Exploits0
NVD
NVD
added 2001/12/17 5:0 a.m.13 views

CVE-2001-1448

Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the 1 mkuserproc, 2 mgrnt, and 3 mgdatasrvr.sc scripts...

4.6CVSS6.8AI score0.00548EPSS
Exploits1References3
NVD
NVD
added 2001/12/06 5:0 a.m.21 views

CVE-2001-0809

Vulnerability in CIFS/9000 Server SAMBA A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources...

2.1CVSS6.4AI score0.00416EPSS
Exploits0References2
CVE
CVE
added 2001/09/12 4:0 a.m.54 views

CVE-1999-1517

CVE-1999-1517 concerns runtar in the Amanda backup system on UNIX-like OSes. The vulnerable component runs tar with root privileges, enabling a local attacker to overwrite or read arbitrary files by specifying target files to runtar. The CVSS-based notes indicate local access, no authentication, ...

7.2CVSS6.9AI score0.00478EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2001/09/08 12:0 a.m.60 views

Bug in remote GUI access in CheckPoint Firewall

There is a bug in how the desktop GUI for managing a CheckPoint firewall handles log viewer saves. Regardless of the type of user defined for GUI access, the user can save the file to any directory they wish as well as a few other things. This has been verified from ver. 3.0b through ver. 4.1 SP2...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/05/07 12:0 a.m.27 views

Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read

Drummond Miles A1Stats 1.0 - a1disp3.cgi Traversal Arbitrary File Read source: https://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/01/03 12:0 a.m.23 views

Advisory: exmh symlink vulnerability

Author: Stan Bubrouski [email protected] Date: December 31, 2000 Package: exmh Versions affected: 2.2 and probably previous versions. Severity: A malicious local user could use a symlink attack to overwrite any file writable by the user executing exmh. Problem: When exmh detects a problem at start...

0.7AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2000/11/20 12:0 a.m.8 views

FreeBSD-SA-00:76.tcsh-csh

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:76 Security Advisory FreeBSD, Inc. Topic: tcsh/csh creates insecure temporary file Category: core, ports Module: tcsh, 44bsd-csh Announced: 2000-11-20 Affects: FreeBSD...

6.1AI score
Exploits0
Exploit DB
Exploit DB
added 2000/09/30 12:0 a.m.40 views

OpenSSH 1.2 - '.scp' File Create/Overwrite

source: https://www.securityfocus.com/bid/1742/info A vulnerability exists in the 1.2.x releases of scp which, if properly exploited using a modified scp binary on the server end, can permit the remote server to spoof local pathnames and overwrite files belonging to the local user. For example,...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/09/26 12:0 a.m.29 views

ld.so bug - LD_DEBUG_OUTPUT follows symlinks

Hi, ld.so from glibc2 doesn't unset variables LDDEBUGOUTPUT and LDDEBUG when running suid. If program calls setuid0 and then fork, child process will follow prepared symlink $LDDEBUGOUTPUT.$pid and overwrites any file in system. Jakub Vlasek...

1.5AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.35 views

solaris7.ff.core.txt

Date: Wed, 7 Apr 1999 22:11:03 -0700 From: Russell Van Tassell To: [email protected] Subject: Solaris7 and ff.core Forgive me as I just started playing with Solaris 7 and don't recall seeing this yet posted to Bugtraq. It would appear as though an old bug with the OpenWeirdos File Mangler has...

7.4AI score
Exploits0
NVD
NVD
added 1996/12/10 5:0 a.m.10 views

CVE-1999-0096

Sendmail decode alias can be used to overwrite sensitive files...

5CVSS0.01284EPSS
Exploits0References1
Rows per page
Query Builder