Lucene search
+L

3901 matches found

NVD
NVD
added 2001/12/11 5:0 a.m.19 views

CVE-2001-0890

Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files...

2.1CVSS6.2AI score0.00382EPSS
Exploits0References3
CERT
CERT
added 2001/11/15 12:0 a.m.35 views

Tripwire vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview Tripwire is a file integrity verification utility for Unix and Linux operating systems. In some implementations, tripwire opens insecure temporary files with predictable names in publically-writable directories. Using a symbolic link attack, a local intruder may overwrite or create...

4.6CVSS6.2AI score0.00367EPSS
Exploits0References4
CERT
CERT
added 2001/11/15 12:0 a.m.22 views

XMCD vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview xmcd is an x11/motif CD playing utility, in the public domain. cda, the command line interface to xmcd, executes with system administrator privileges. It is vulnerable to a symbolic link attack that may allow a local user to obtain administrator privileges. Description cda, the command...

6.2CVSS5.9AI score0.00401EPSS
Exploits0References3
CERT
CERT
added 2001/11/08 12:0 a.m.28 views

shadow-utils useradd creates temporary files insecurely

Overview Shadow-utils is an encryption and account management package freely distributed for many Linux implementations. The useradd program in this package creates insecure temporary files with predictable names in a write-protected directory. If this directory is changed to be writable, an...

1.2CVSS6.3AI score0.00298EPSS
Exploits0References3
CERT
CERT
added 2001/10/09 12:0 a.m.30 views

SCO OpenServer/UnixWare vi creates temporary files insecurely

Overview The implementation of vi, a text editor, provided with SCO Openunix creates insecure temporary files with predictable names. Using a symbolic link attack, an intruder can overwrite any file writable by the user of vi. Description vi is a screen-oriented text editor. The implementation...

3.7CVSS6.3AI score0.00424EPSS
Exploits1References2
CERT
CERT
added 2001/10/09 12:0 a.m.44 views

diffutils sdiff creates temporary files insecurely

Overview diffutils, a set of utilities distributed with many versions of linux, contains a utility called sdiff, which creates temporary files of predictable names in an insecure fashion. Using a symbolic link attack, an intruder can cause overwrite of any file writable by the user executing sdif...

1.2CVSS6.2AI score0.00373EPSS
Exploits0References5
CERT
CERT
added 2001/10/08 12:0 a.m.28 views

Redhat Linux diskcheck.pl creates predictable temporary file and fails to check for existing symbolic link of same name

Overview Diskcheck.pl is a PERL script, part of Red Hat's powertools suite, that alerts a system administrator if any file system approaches capacity. In creating email alerts, diskcheck.pl creates insecure temporary files in a world-writable directory, which may permit an attacker to corrupt any...

2.1CVSS6AI score0.00414EPSS
Exploits0References2
CERT
CERT
added 2001/10/01 12:0 a.m.19 views

mgetty creates temporary files insecurely

Overview mgetty, a replacement for getty designed to support modem and fax use, creates files of a predictable name in a world-writable directory without checking for the prior existence or ownership of the file. Using a symbolic link attack, an intruder might cause the overwrite of arbitrary fil...

1.2CVSS6.2AI score0.00317EPSS
Exploits0References11
CERT
CERT
added 2001/10/01 12:0 a.m.22 views

getty_ps creates temporary files insecurely

Overview gettyps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. Description Under certain circumstances,...

1.2CVSS6.7AI score0.00298EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/09/27 12:0 a.m.48 views

Проблемы в скриптах начальной загрузки Red Hat (symbolic link)

Небезопасная работа с временными файлами в скрипте setserial...

0.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/09/27 12:0 a.m.32 views

[RHSA-2001:110-05] Insecure setserial initscript

--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Insecure setserial initscript Advisory ID: RHSA-2001:110-05 Issue date: 2001-09-12 Updated on: 2001-09-19 Product: Red Hat Linux Keywords: setserial initscript temporary file...

6.9AI score
Exploits0
CERT
CERT
added 2001/09/27 12:0 a.m.28 views

Sun Solaris catman creates temporary files insecurely

Overview catman, the unix manual display utility, creates insecure temporary files with predictable names in a world-writable directory. Since catman executes with system administration privileges, a symbolic link attack could overwrite arbitrary files. Description There is a vulnerability in...

1.2CVSS6.4AI score0.00572EPSS
Exploits0References1
CERT
CERT
added 2001/09/27 12:0 a.m.33 views

ISC inn creates temporary files insecurely

Overview inn, a network news agent, may be configured on some operating systems to use a publically-writeable directory for its temporary files. This may be exploited to gain access to the news account. Description inn is distributed on a variety of Linux platforms. The program is written under t...

1.2CVSS6.4AI score0.00339EPSS
Exploits0References4
Cvelist
Cvelist
added 2001/09/18 4:0 a.m.28 views

CVE-2001-0430

Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files...

6.4AI score0.0041EPSS
Exploits0References3
CVE
CVE
added 2001/09/18 4:0 a.m.51 views

CVE-2001-0430

The CVE-2001-0430 entry refers to a vulnerability in exuberant-ctags prior to version 3.2.4-0.1 where temporary files are created insecurely, leading to potential local file exposure or corruption. Public sources in the connected documents confirm the issue and identify the Debian package update ...

3.6CVSS6.5AI score0.0041EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/09/18 4:0 a.m.27 views

CVE-2001-0243

Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers t...

6.4AI score0.1759EPSS
Exploits0References3
CERT
CERT
added 2001/09/17 12:0 a.m.24 views

exuberant-ctags creates temporary files insecurely

Overview Some versions of exuberant-ctags, a source code navigation utility, create and use temporary files insecurely, leading to local file corruption and possible denial-of-service. Description Exuberent-ctags is a source code navigation utility. It creates temporary files with predictable nam...

3.6CVSS6.2AI score0.0041EPSS
Exploits0References2
CERT
CERT
added 2001/09/17 12:0 a.m.97 views

Samba creates temporary files insecurely

Overview Samba handles temporary files insecurely, allowing arbitrary files to be overwritten and left in a state that would permit later modification. Description Samba is an implementation of the Server Message Block SMB protocol. Some versions of samba handle temporary files in an insecure...

2.1CVSS6.7AI score0.01139EPSS
Exploits0References12
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.17 views

CVE-1999-1036

COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in 1 resdiff, 2 ca.src, and 3 mail.chk...

6.5AI score0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.12 views

CVE-1999-1038

Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable...

6.4AI score0.00345EPSS
Exploits0References1
Rows per page
Query Builder