3901 matches found
Lmail 2.7 - Temporary File Race Condition
Lmail 2.7 - Temporary File Race Condition // source: https://www.securityfocus.com/bid/2984/info Jon Zeeff's lmail is a local mail delivery agent LDA designed to provide mail-to-pipe and mail-to-file aliasing for smail. A race condition vulnerability exists in lmail. The lmail program makes...
CVE-2001-0430
Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files...
CVE-2001-0416
sgml-tools aka sgmltools before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools...
CVE-2001-0906
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr...
CVE-2001-1256
kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the 1 /tmp/.kmmodreglock and 2 /tmp/kmpath.tmp temporary files...
gpm creates temporary files insecurely
Overview gpm version 1.19.3, which usually runs as root, is vulnerable due to a flaw that allows a local user to exploit a race condition to corrupt files that gpm uses. Description gpm General Purpose Mouse is a program that lets you use the mouse in console mode when not using XWindows. It is...
KDE KFM creates temporary files insecurely
Overview KDE's kfm creates and uses temporary cache directories insecurely. Description kfm, the KDE File Manager, creates a cache directory for each user. This directory is placed in /tmp and predictably named, based on the UID. These directories are created without checking for correct ownershi...
CVE-2001-0496
CVE-2001-0496 affects the kdesu component of kdelibs. Affected software creates world-readable temporary files that contain authentication information, enabling a local attacker to gain privileges on the system. The Mandrake advisory MDKSA-2001:046-3 describes the issue and provides updated packa...
CVE-2001-1346
Computer Associates ARCserveIT 6.61 and 6.63 also called ARCservIT allows local users to overwrite arbitrary files via a symlink attack on the temporary files 1 asagent.tmp or 2 inetd.tmp...
CVE-2001-1333
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files...
Дырка в nedit (symbolic link)
Проблема символьных линков при создании временных файлов...
Дырка в VMWare (symbolic link)
Проблема символьных линков во временных файлах...
[SECURITY] [DSA-048-1] samba symlink attacks
Package : samba Problem type : symlink attack Debian-specific: no Marcus Meissner discovered that samba was not creating temporary files safely in two places: when a remote user queried a printer queue samba would creates a temporary file in which the queue data would be written. This was doing...
Samba 2.0.8 security fix
I've just released Samba 2.0.8. This release fixes a significant security vulnerability that allows local users to corrupt local devices such as raw disks. For most users the Samba Team recommends Samba 2.2.0 which has just been released. Version 2.2.0 has all the security fixes plus many new...
[SECURITY] [DSA-046-1] exuberant-ctags uses insecure temporary files
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-046-1 [email protected] http://www.debian.org/security/ Wichert Akkerman April 15, 2001 -...
[SECURITY] [DSA-046-1] exuberant-ctags uses insecure temporary files
Package : exuberant-ctags Problem type : insecure temporary files Debian-specific: no Colin Phipps discovered that the exuberant-ctags packages as distributed with Debian GNU/Linux 2.2 creates temporary files insecurely. This has been fixed in version 1:3.2.4-0.1 of the Debian package, and upstre...
Проблемы с Mesa (temp files)
Проблема временных файлов...
Дырка в sgml-tools (insecure temp files)
Проблема временных файлов...
Дырки в Athena Widget
Проблема временных файлов...
Дырка в Microfocus Cobol
При установке создаются файлы открытые на запись и временные файлы с предсказуемыми именами...