4 matches found
[VulnWatch] ncompress insecure temporary file creation
ncompress insecure temporary file creation Vendor: ftp://ftp.leo.org/pub/comp/os/unix/linux/sunsite/utils/compress/ Advisory: http://www.zataz.net/adviso/ncompress-09052005.txt Vendor informed: yes Exploit available: yes Impact : low Exploitation : low The vulnerability is caused due to temporary...
CVE-2004-0970
The 1 gzexe, 2 zdiff, and 3 znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367...
Debian DSA-588-1 : gzip - insecure temporary files
Trustix developers discovered insecure temporary file creation in supplemental scripts in the gzip package which may allow local users to overwrite files via a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
CVE-2004-0970
CVE-2004-0970 concerns the gzip package: the (1) gzexe, (2) zdiff, and (3) znew scripts are able to overwrite files via a symlink attack on temporary files, enabling local users to modify files. This vulnerability is described as a local-privilege-impact issue (I:P) with a low base score (2.1) an...