3901 matches found
[SECURITY] [DSA 172-1] New tkmail packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 172-1 [email protected] http://www.debian.org/security/ Martin Schulze October 8th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 172-1] New tkmail packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 172-1 [email protected] http://www.debian.org/security/ Martin Schulze October 8th, 2002 http://www.debian.org/security/faq -...
Символьные линки в Bru (symbolic links)
Небезопасная работа с временными файлами во многих скриптах...
BRU 17.0 - XBRU Insecure Temporary File
BRU 17.0 - XBRU Insecure Temporary File source: https://www.securityfocus.com/bid/5708/info BRU is a backup and restore utility distributed by The Tolis Group. This problem affects the utility on the Linux platform. xbru does not properly check for the existence of temporary files prior to...
BRU 17.0 - XBRU Insecure Temporary File
source: https://www.securityfocus.com/bid/5708/info BRU is a backup and restore utility distributed by The Tolis Group. This problem affects the utility on the Linux platform. xbru does not properly check for the existence of temporary files prior to execution. Because of this, it is possible for...
[SECURITY] [DSA 159-2] New Python packages fix problem introduced by security fix
-------------------------------------------------------------------------- Debian Security Advisory DSA 159-2 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 159-2] New Python packages fix problem introduced by security fix
-------------------------------------------------------------------------- Debian Security Advisory DSA 159-2 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2002 http://www.debian.org/security/faq -...
scrollkeeper.txt
------------------------------------------------------------------------- Release date : September 2 2002 Author : Spybreak [email protected] Package : Scrollkeeper Version : 0.3.4, 0.3.11 Severity : Medium to High Vendor homepage : scrollkeeper.sourceforge.net Status : vendor contacted Problem :...
[SECURITY] [DSA 160-1] New scrollkeeper packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 160-1 [email protected] http://www.debian.org/security/ Martin Schulze September 3rd, 2002 http://www.debian.org/security/faq -...
ScrollKeeper symbolic links
Insecure temporary files handling...
calderax.txt
The following proof of concepts were provided by Pavel Kankovsky: $ Xserver -xkbdir 'id /tmp/IWASHERE;' exit X server $ grep root /tmp/IWASHERE && echo 'Gotcha!' $ cat /tmp/xkbcomp !/bin/sh id /tmp/IWASHERE ctrl+d $ chmod a+x /tmp/xkbcomp $ Xserver -xkbdir /tmp X server executes /tmp/xkbcomp...
[SECURITY] [DSA 159-1] New Python packages fix insecure temporary file use
-------------------------------------------------------------------------- Debian Security Advisory DSA 159-1 [email protected] http://www.debian.org/security/ Martin Schulze August 28th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 159-1] New Python packages fix insecure temporary file use
-------------------------------------------------------------------------- Debian Security Advisory DSA 159-1 [email protected] http://www.debian.org/security/ Martin Schulze August 28th, 2002 http://www.debian.org/security/faq -...
CVE-2002-0788
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System EFS, creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain...
CVE-2002-0658
OSSP mm library libmm before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack...
DEBIAN-CVE-2002-0658
OSSP mm library libmm before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack...
CVE-2002-0658
OSSP mm library libmm before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack...
PT-2002-1809 · Pgp +1 · Pgp +1
Name of the Vulnerable Software and Affected Versions: PGP version 7.0.3 Description: The issue arises from an interaction between PGP and the Windows Encrypted File System EFS when the "wipe deleted files" option is used. This interaction creates cleartext temporary files that cannot be wiped or...
security flaw
OSSP mm library libmm before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack...
security flaw
OSSP mm library libmm before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack...