2 matches found
Debian Security Advisory DSA 839-1 (apachetop)
The remote host is missing an update to apachetop announced via advisory DSA 839-1. Eric Romang discovered an insecurely created temporary file in apachetop, a realtime monitoring tool for the Apache webserver that could be exploited with a symlink attack to overwrite arbitrary files with the use...
CVE-2005-2660
CVE-2005-2660 affects apachetop 0.12.5 and earlier. The vulnerability arises from insecure temporary file creation: atop.debug in the code path uses a fixed path and mode that allows a symlink attack to overwrite or create arbitrary files with the privileges of the user running apachetop. The Deb...