3901 matches found
CVE-2001-1333
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files...
CVE-2001-1256
kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the 1 /tmp/.kmmodreglock and 2 /tmp/kmpath.tmp temporary files...
CVE-2002-0271
CVE-2002-0271 affects the GNU Ada compiler (GNAT) versions 3.12p through 3.14p. The issue arises from a symlink attack on temporary files, allowing local users to modify files belonging to other users. The resulting impact is limited to integrity (partial) and requires local access; no remote or ...
Weak permissions in Tarantella temporary files
World-writable temporary file created with name available via prosess list...
CVE-2001-0416
CVE-2001-0416 affects sgml-tools (sgmltools) prior to version 1.0.9-15. The root cause is insecure handling of temporary files: sgml-tools creates temporary files directly (or in insecure permissions) which can allow other local users to read files being processed. Impact is partial confidentiali...
CVE-2001-0416
sgml-tools aka sgmltools before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools...
CVE-2001-0774
Tripwire 1.3.1, 2.2.1 and 2.3.0 are vulnerable to a local symlink attack that can overwrite arbitrary files in /tmp and may enable privilege escalation. Root cause: temporary files are opened/created without O_EXCL and with predictable names, allowing a non-privileged local attacker to redirect d...
[SECURITY] [DSA 118-1] New xsane packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 118-1 [email protected] http://www.debian.org/security/ Martin Schulze March 5th, 2002 - -------------------------------------------------------------------------- Package : xsane...
[SECURITY] [DSA 118-1] New xsane packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 118-1 [email protected] http://www.debian.org/security/ Martin Schulze March 5th, 2002 - -------------------------------------------------------------------------- Package : xsane...
Утечка информации в WinAmp (information leakage)
При запросе лицензии на сервер передается информация о расположении временных файлов...
winamp and wma Song Licenses
When opening a wma file with winamp 2.77, 2.78 tested that requires a license to be installed, winamp opens the webpage where it obtains this license through some vb script code calling an active x object, witch it passes the url to itself in order for this page to provide a click-here-to-play ty...
Символьные линкив GNAT (symbolic links)
При создании временных файлов не проверяются символьные линки...
RUS-CERT Advisory 2002-02:01: Temporary file handling in GNAT
RUS-CERT Advisory 2002-02:01: Temporary file handling in GNAT The run-time library of the GNU Ada compiler GNAT handles temporary files in an unsafe manner. Systems Affected All POSIX multi-user systems running GNAT-compiled binaries which use Ada language facilities for creating temporary files...
bru backup program
Product: Bru Description: ------------ BRU provides fully verified backup and restore operations and offers options for most conceivable data backup and recovery needs. BRU is fully device independent, so it works with any device or filesystem that is supported by your operating system...
BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link
BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link // source: https://www.securityfocus.com/bid/3970/info BRU is a commercially available backup software infrastructure available for both UNIX and Linux Operating Systems. It is distributed and maintained by the Tolis Group. When B...
BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link
// source: https://www.securityfocus.com/bid/3970/info BRU is a commercially available backup software infrastructure available for both UNIX and Linux Operating Systems. It is distributed and maintained by the Tolis Group. When BRU executes, it creates temporary files insecurely. BRU uses easily...
[SECURITY] [DSA-105-1] enscript creates temporary files insecurely
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-105-1 [email protected] http://www.debian.org/security/ Wichert Akkerman January 21, 2002 -...
Символьные линки в enscript (symbolic links)
Проблема символьных линков при создании временных файлов...
[SECURITY] [DSA-105-1] enscript creates temporary files insecurely
Package : enscript Problem type : insecure temporary files Debian-specific: no The version of enscript a tool to convert ASCII text to different formats has been found to create temporary files insecurely. This has been fixed in version 1.6.2-4.1 . wget url will fetch the file for you dpkg -i...
CVE-2001-1530
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands...