Lucene search
K

4 matches found

securityvulns
securityvulns
added 2005/09/16 12:0 a.m.33 views

[VulnWatch] ncompress insecure temporary file creation

ncompress insecure temporary file creation Vendor: ftp://ftp.leo.org/pub/comp/os/unix/linux/sunsite/utils/compress/ Advisory: http://www.zataz.net/adviso/ncompress-09052005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low The vulnerability is caused due to temporary...

2.1CVSS0.7AI score0.00365EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2005/02/09 5:0 a.m.29 views

CVE-2004-0970

The 1 gzexe, 2 zdiff, and 3 znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367...

2.1CVSS5.8AI score0.00365EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/11/10 12:0 a.m.33 views

Debian DSA-588-1 : gzip - insecure temporary files

Trustix developers discovered insecure temporary file creation in supplemental scripts in the gzip package which may allow local users to overwrite files via a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

2.1CVSS5.3AI score0.00365EPSS
Exploits0References2
CVE
CVE
added 2004/10/20 4:0 a.m.71 views

CVE-2004-0970

CVE-2004-0970 concerns the gzip package: the (1) gzexe, (2) zdiff, and (3) znew scripts are able to overwrite files via a symlink attack on temporary files, enabling local users to modify files. This vulnerability is described as a local-privilege-impact issue (I:P) with a low base score (2.1) an...

2.1CVSS5.8AI score0.00365EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder