EUVD-2001-0125

Malware in sbrugna...

Mandrake Linux Security Advisory : exmh (MDKSA-2001:015)

All versions of exmh prior to 2.3.1 use the /tmp directory for storing temporary files. This was done in an insecure manner as exmh did not check to ensure that nobody placed a symlink with the same name in /tmp in the meantime and thus was vulnerable to a symlink attack. This could lead to a...

Debian Security Advisory DSA 022-1 (exmh)

The remote host is missing an update to exmh announced via advisory DSA 022-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 022-1 (exmh)

The remote host is missing an update to exmh announced via advisory DSA 022-1. OpenVAS Vulnerability Test $Id: deb0221.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 022-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian DSA-022-1 : exmh - local insecure tempfile creation

Former versions of the exmh program used /tmp for storing temporary files. No checks were made to ensure that nobody placed a symlink with the same name in /tmp in the meantime and thus was vulnerable to a symlink attack. This could lead to a malicious local user being able to overwrite any file...

CVE-2001-0125

CVE-2001-0125 affects exmh 2.2 and earlier, where insecure handling of temporary files in /tmp (e.g., exmhErrorMsg) allows local users to overwrite files via a symlink attack. Connected advisories confirm the issue and note that newer versions (e.g., exmh 2.3.1+) fix the vulnerability by switchin...

CVE-2001-0125

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file...

CVE-2001-0125

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file...

FreeBSD-SA-01:17.exmh

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:17 Security Advisory FreeBSD, Inc. Topic: exmh symlink vulnerability Category: ports Module: exmh2 Announced: 2001-01-29 Credits: Stanley G. Bubrouski Affects: Ports...

[SECURITY] [DSA 022-1] New version of exmh released

---------------------------------------------------------------------------- Debian Security Advisory DSA-022-1 [email protected] http://www.debian.org/security/ Martin Schulze January 26, 2001 - ---------------------------------------------------------------------------- Package : exmh...

Дырка в exmh

Уязвимость символьных линков...

Advisory: exmh symlink vulnerability

Author: Stan Bubrouski [email protected] Date: December 31, 2000 Package: exmh Versions affected: 2.2 and probably previous versions. Severity: A malicious local user could use a symlink attack to overwrite any file writable by the user executing exmh. Problem: When exmh detects a problem at start...