Lucene search
+L

3901 matches found

Cvelist
Cvelist
added 2002/05/03 4:0 a.m.28 views

CVE-2001-1333

Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files...

6AI score0.00345EPSS
Exploits0References4
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.36 views

CVE-2001-1256

kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the 1 /tmp/.kmmodreglock and 2 /tmp/kmpath.tmp temporary files...

6.3AI score0.06116EPSS
Exploits0References8
CVE
CVE
added 2002/05/03 4:0 a.m.52 views

CVE-2002-0271

CVE-2002-0271 affects the GNU Ada compiler (GNAT) versions 3.12p through 3.14p. The issue arises from a symlink attack on temporary files, allowing local users to modify files belonging to other users. The resulting impact is limited to integrity (partial) and requires local access; no remote or ...

1.2CVSS6.5AI score0.00257EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2002/04/05 12:0 a.m.27 views

Weak permissions in Tarantella temporary files

World-writable temporary file created with name available via prosess list...

2.7AI score
Exploits0References1Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.61 views

CVE-2001-0416

CVE-2001-0416 affects sgml-tools (sgmltools) prior to version 1.0.9-15. The root cause is insecure handling of temporary files: sgml-tools creates temporary files directly (or in insecure permissions) which can allow other local users to read files being processed. Impact is partial confidentiali...

2.1CVSS6.3AI score0.00436EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.22 views

CVE-2001-0416

sgml-tools aka sgmltools before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools...

6.3AI score0.00436EPSS
Exploits0References9
CVE
CVE
added 2002/03/09 5:0 a.m.46 views

CVE-2001-0774

Tripwire 1.3.1, 2.2.1 and 2.3.0 are vulnerable to a local symlink attack that can overwrite arbitrary files in /tmp and may enable privilege escalation. Root cause: temporary files are opened/created without O_EXCL and with predictable names, allowing a non-privileged local attacker to redirect d...

4.6CVSS6.6AI score0.00367EPSS
Exploits0References6Affected Software1
Debian
Debian
added 2002/03/05 6:39 p.m.9 views

[SECURITY] [DSA 118-1] New xsane packages fix insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 118-1 [email protected] http://www.debian.org/security/ Martin Schulze March 5th, 2002 - -------------------------------------------------------------------------- Package : xsane...

0.2AI score
Exploits0
Debian
Debian
added 2002/03/05 6:39 p.m.33 views

[SECURITY] [DSA 118-1] New xsane packages fix insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 118-1 [email protected] http://www.debian.org/security/ Martin Schulze March 5th, 2002 - -------------------------------------------------------------------------- Package : xsane...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2002/02/19 12:0 a.m.34 views

Утечка информации в WinAmp (information leakage)

При запросе лицензии на сервер передается информация о расположении временных файлов...

0.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/02/19 12:0 a.m.29 views

winamp and wma Song Licenses

When opening a wma file with winamp 2.77, 2.78 tested that requires a license to be installed, winamp opens the webpage where it obtains this license through some vb script code calling an active x object, witch it passes the url to itself in order for this page to provide a click-here-to-play ty...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2002/02/13 12:0 a.m.32 views

Символьные линкив GNAT (symbolic links)

При создании временных файлов не проверяются символьные линки...

0.6AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/02/13 12:0 a.m.24 views

RUS-CERT Advisory 2002-02:01: Temporary file handling in GNAT

RUS-CERT Advisory 2002-02:01: Temporary file handling in GNAT The run-time library of the GNU Ada compiler GNAT handles temporary files in an unsafe manner. Systems Affected All POSIX multi-user systems running GNAT-compiled binaries which use Ada language facilities for creating temporary files...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2002/01/28 12:0 a.m.36 views

bru backup program

Product: Bru Description: ------------ BRU provides fully verified backup and restore operations and offers options for most conceivable data backup and recovery needs. BRU is fully device independent, so it works with any device or filesystem that is supported by your operating system...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/01/26 12:0 a.m.14 views

BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link

BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link // source: https://www.securityfocus.com/bid/3970/info BRU is a commercially available backup software infrastructure available for both UNIX and Linux Operating Systems. It is distributed and maintained by the Tolis Group. When B...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/26 12:0 a.m.31 views

BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link

// source: https://www.securityfocus.com/bid/3970/info BRU is a commercially available backup software infrastructure available for both UNIX and Linux Operating Systems. It is distributed and maintained by the Tolis Group. When BRU executes, it creates temporary files insecurely. BRU uses easily...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/01/23 12:0 a.m.31 views

[SECURITY] [DSA-105-1] enscript creates temporary files insecurely

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-105-1 [email protected] http://www.debian.org/security/ Wichert Akkerman January 21, 2002 -...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2002/01/23 12:0 a.m.45 views

Символьные линки в enscript (symbolic links)

Проблема символьных линков при создании временных файлов...

0.4AI score
Exploits0References1Affected Software1
Debian
Debian
added 2002/01/21 12:7 a.m.14 views

[SECURITY] [DSA-105-1] enscript creates temporary files insecurely

Package : enscript Problem type : insecure temporary files Debian-specific: no The version of enscript a tool to convert ASCII text to different formats has been found to create temporary files insecurely. This has been fixed in version 1.6.2-4.1 . wget url will fetch the file for you dpkg -i...

5.8AI score
Exploits0
NVD
NVD
added 2001/12/31 5:0 a.m.19 views

CVE-2001-1530

run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands...

4.6CVSS7AI score0.004EPSS
Exploits0References2
Rows per page
Query Builder