Lucene search
+L

3901 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1439

CVE-1999-1439 : The vulnerability is in gcc 2.7.2, where local users can overwrite arbitrary files via a symlink attack on temporary files ending in .i, .s, or .o. The provided documents describe the affected component and the underlying cause (symlink/temporary file race) and identify the impact...

2.1CVSS7.2AI score0.00345EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.49 views

CVE-1999-1095

The CVE-1999-1095 entry concerns the sort utility. It describes that sort creates temporary files and follows symbolic links, enabling a local user to modify arbitrary files writable by the user running sort. This impact is observed in updatedb and other programs that invoke sort. The documents d...

7.2CVSS7.2AI score0.00348EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.21 views

CVE-1999-1042

Cisco Resource Manager CRM 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings...

6.3AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2001/09/06 4:0 a.m.14 views

CVE-2001-1378

fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files...

2.1CVSS6.2AI score0.00342EPSS
Exploits0References2
NVD
NVD
added 2001/08/22 4:0 a.m.11 views

CVE-2001-0556

The Nirvana Editor NEdit 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on 1 backup files or 2 temporary files used when nedit prints a file or portions of a file...

7.2CVSS6.2AI score0.00517EPSS
Exploits1References7
CERT
CERT
added 2001/08/21 12:0 a.m.26 views

OpenSSH allows arbitrary file deletion via symlink redirection of temporary file

Overview Due to insecure handling of temporary files, some versions of sshd, an encrypted connection program, can delete any file named "cookies" accessible via the computer running sshd. Description sshd is the server software used to support ssh, a popular encryted connection program. Some...

7.2CVSS9.1AI score0.00622EPSS
Exploits1References5
CERT
CERT
added 2001/08/21 12:0 a.m.26 views

Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files

Overview Alladin Ghostscript, a previewer for postscript files, creates temporary files with a predictable names. The creation allows attackers to use symbolic links to overwrite other files on the host. Description Alladin Ghostscript is a previewer for postscript files. It creates temporary fil...

3.7CVSS6.4AI score0.00322EPSS
Exploits0References8
CERT
CERT
added 2001/08/20 12:0 a.m.27 views

sort creates temporary files insecurely

Overview The sort utility creates temporary files insecurely, making sort subject to a denial-of-service attack. Description The UNIX sort utility creates temporary files with predictable names. The creation is done in a manner to prevent information loss via a symlink attack, but existence of th...

2.1CVSS6.1AI score0.0035EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2001/08/16 12:0 a.m.26 views

remedy.txt

Security Holes in Remedy Client Installer Summary ------- Due to improper handling of temporary files, the installer program for Remedy Software's Action Request System client for unix can allow local users to gain root privileges. Details ------- The installer script for the unix AR clients...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2001/08/16 12:0 a.m.30 views

mf.txt

Potential Root Compromise in MicroFocus Cobol Summary ------- If the AppTrack feature is enabled, the default install of MicroFocus Cobol 4.1 Merant's commercial suite of cobol utilities contains a security hole which can lead to root compromise. Specifics --------- In the default install,...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/12 12:0 a.m.42 views

Символьные линки в rcs2log (sumbolic link)

Проблема символьных линков при создании временного файла позволяет переписать файлы запускающего пользователя...

0.5AI score
Exploits0References1
CVE
CVE
added 2001/07/27 4:0 a.m.44 views

CVE-2001-0556

The CVE describes a local arbitrary-file overwrite vulnerability in Nirvana Editor (NEdit) 5.1.1 and earlier, caused by a symlink/insecure temporary file handling when printing (affecting backup and temp files).

7.2CVSS6.2AI score0.00517EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2001/07/27 4:0 a.m.19 views

CVE-2001-0556

The Nirvana Editor NEdit 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on 1 backup files or 2 temporary files used when nedit prints a file or portions of a file...

6.1AI score0.00517EPSS
Exploits1References7
securityvulns
securityvulns
added 2001/07/26 12:0 a.m.26 views

Sambar Web Server pagecount exploit code

by default, there is a pagecount script with Sambar Web Server it's situated at http://sambarserver/session/pagecount counter writes it's temporary files at c:sambardirectorytmp if we'll write http://sambarserver/session/pagecount?page=index it will create file in Sambar temp directory with name...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/07/12 12:0 a.m.33 views

[ESA-20010711-01] AllCommerce insecure temporary files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------+ | EnGarde Secure Linux Security Advisory July 11, 2001 | | http://www.engardelinux.org/ ESA-20010711-01 | | | | Package: AllCommerce | | Summary: AllCommerce creates insecure...

Exploits0
securityvulns
securityvulns
added 2001/07/12 12:0 a.m.52 views

Символьные линки в AllCommerce (symbolic link)

Проблема символьных линков при работе с временными файлами...

0.6AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2001/07/10 12:0 a.m.16 views

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (3)

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation 3 source: https://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2001/07/10 12:0 a.m.49 views

Символьные линки в Tripwire (symbolic link)

Проблема символьнгых линков при создании временных файлов...

0.7AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2001/07/10 12:0 a.m.32 views

Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (3)

source: https://www.securityfocus.com/bid/3008/info ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image output files. These files are created in /tmp with a guessable naming...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/07/10 12:0 a.m.33 views

Tripwire temporary files

------------------------------------------------------------ Insecure temporary files in Tripwire [email protected] $Date: 2001/07/09 05:02:02 $ ------------------------------------------------------------ Author: Jarno Huuskonen [email protected] Discovered: Tue 16 Jan 2001 Vendor...

0.2AI score
Exploits0
Rows per page
Query Builder