3901 matches found
Moderate: Red Hat Security Advisory: : Updated mm packages fix temporary file handling
Updated mm packages are now available for Red Hat Linux 7, 7.1, 7.2, and 7.3. These updates address possible vulnerabilities in how the MM library opens temporary files. The MM library provides an abstraction layer which allows related processes to share data easily. On systems where shared memor...
Moderate: Red Hat Security Advisory: mm security update
Updated mm packages are now available for Red Hat Linux Advanced Server. This update addresses possible vulnerabilities in how the MM library opens temporary files. The MM library provides an abstraction layer which allows related processes to easily share data. On systems where shared memory or...
mm temporary files handling problems
User with Apache web server priveleges can obtain root access...
[SECURITY] [DSA 137-1] New mm packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 137-1 [email protected] http://www.debian.org/security/ Martin Schulze July 30th, 2002 - -------------------------------------------------------------------------- Package : mm Vulnerability...
MM 1.0.x1.1.x - Shared Memory Library Temporary File Privilege Escalation
MM 1.0.x1.1.x - Shared Memory Library Temporary File Privilege Escalation // source: https://www.securityfocus.com/bid/5352/info The MM Shared Memory library is reported to be prone to a race condition with regards to temporary files which may enable a local attacker to gain elevated privileges...
MM 1.0.x/1.1.x - Shared Memory Library Temporary File Privilege Escalation
// source: https://www.securityfocus.com/bid/5352/info The MM Shared Memory library is reported to be prone to a race condition with regards to temporary files which may enable a local attacker to gain elevated privileges. This issue may reportedly be exploited by an attacker with shell access as...
CVE-2001-0890
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files...
Sun Cobalt RaQ 4.0 - Predictable Temporary Filename Symbolic Link Attack
Sun Cobalt RaQ 4.0 - Predictable Temporary Filename Symbolic Link Attack source: https://www.securityfocus.com/bid/5529/info A vulnerability has been reported in Cobalt RaQ that may allow attackers to obtain elevated privileges. The vulnerability exists in the /usr/lib/authenticate utility which ...
CVE-2001-0906
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr...
CVE-2001-1146
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack...
Acrobat reader 4.05 temporary files
------------------------------------------------------------ Insecure temporary files in Acrobat Reader 4.05 [email protected] $Date: 2002/06/20 07:21:29 $ ------------------------------------------------------------ Author: Jarno Huuskonen [email protected] Discovered: Wed 18 Jul 2001...
Security Update: [CSSA-2002-SCO.21] OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely
To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely Advisory number: CSSA-2002-SCO.21 Issue date: 2002 May 28 Cross reference: 1...
Multiple bugs in Caldera OpenServer utilities
Symlink problem on temporary files handling in sort and scoadmin...
Security Update: [CSSA-2002-SCO.22] OpenServer 5.0.5 OpenServer 5.0.6 : scoadmin command creates temporary files insecurely
To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer 5.0.5 OpenServer 5.0.6 : scoadmin command creates temporary files insecurely Advisory number: CSSA-2002-SCO.22 Issue date: 2002 May 28 Cross reference...
Caldera OpenServer 5.0.55.0.6 - SCOAdmin Symbolic Link
Caldera OpenServer 5.0.55.0.6 - SCOAdmin Symbolic Link source: https://www.securityfocus.com/bid/4875/info A vulnerability has been reported in the scoadmin utility that may allow a local attacker to overwrite any file. The vulnerability is due to the predictable naming of temporary files used by...
Caldera OpenServer 5.0.5/5.0.6 - SCOAdmin Symbolic Link
source: https://www.securityfocus.com/bid/4875/info A vulnerability has been reported in the scoadmin utility that may allow a local attacker to overwrite any file. The vulnerability is due to the predictable naming of temporary files used by scoadmin. When writing to temporary files, there are n...
Weak permissions in gaim
During message reading world readable file is created in /tmp...
NTFS encryption information leakage problem in PGP
If "wiping file on deletion" option is used EFS temporary files are not deleted during file encryption...
CVE-2001-1333
CVE-2001-1333 affects Linux CUPS prior to 1.1.6 where temporary files are not securely handled, enabling local users to overwrite files via a symlink vulnerability. The NVD data lists a local attack vector, high attack complexity, no authentication, no confidentiality impact, but partial integrit...
CVE-2001-1346
ARCserveIT 6.61 and 6.63 (ARCservIT) are affected by a local vulnerability where an attacker can overwrite arbitrary files via a symlink attack on temporary files (asagent.tmp or inetd.tmp). The underlying issue is insecure handling of temporary files leading to local privilege impact with partia...