21 matches found
CVE-2025-30485
UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...
Secrets of the Wiper: Inside the World's Most Destructive Malware
Shamoon, Black Energy, Destover, ExPetr/Not Petya and Olympic Destroyer: All of these wiper malwares, and others like them, have a singular purpose of destroying systems and/or data, usually causing great financial and reputational damage to victim companies. However, the threat actors behind thi...
OlympicDestroyer is here to trick the industry
A couple of days after the opening ceremony of the Winter Olympics in Pyeongchang, South Korea, we received information from several partners, on the condition of non-disclosure (TLP:Red), about a devastating malware attack on the Olympic infrastructure. A quick peek inside the malware revealed a...
Novell Groupwise Administration Server FileUploadServlet poLibMaintenanceFileSave Information Disclosure Vulnerability
This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Novell Groupwise. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of the poLibMaintenanceFileSave parameter within the FileUploadServlet...
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 /usr/tmp/ Symlink Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually a symbolic lin...
SecurityReason : PHP 5.2.6 dba_replace() destroying file
SecurityReason.com PHP 5.2.6 dba_replace() destroying file Author: Maksymilian Arciemowicz http://securityreason.com Date: - Written: 10.11.2008 - Public: 28.11.2008 SecurityReason Research SecurityAlert Id: 58 SecurityRisk: Medium Affected Software:...
php526-destroy.txt
SecurityReason.com PHP 5.2.6 dba_replace() destroying file Author: Maksymilian Arciemowicz http://securityreason.com Date: - Written: 10.11.2008 - Public: 28.11.2008 SecurityReason Research SecurityAlert Id: 58 SecurityRisk: Medium Affected Software:...
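GNU Ed Insecure Temporary File Creation Vulnerability
GNU ed is an 8-bit clean, POSIX-compliant line editor. GNU ed creates temporary files incorrectly; a local attacker can exploit the vulnerability to carry out denial-of-service or privilege-escalation attacks. Because temporary files are created insecurely, a symlink attack can result in system files being destroyed with the current user's privileges, or in escalation to the current user's privileges. GNU Ed: contact the vendor for patch information: http://www.gnu.org/software/ed/ed.html...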
Preemptive Protection against Blackworm
BlackWorm is a worm that uses its own SMTP engine to spread using remote shares. The worm also tries to disable security-related and file-sharing software and destroys files of certain types, including .DOC, .ZIP, .XLS and more. Blackworm usually attaches itself to e-mail messages as an...
Virginity Security Advisory 2005-002 : Hola CMS - Another File destruction and System access
Virginity Security Advisory 2005-002 DATE : 2005-03-13 15:11 GMT TYPE : remote VERSIONS AFFECTED : hola-cms-1.4.9-1 http://holacms.drunkencat.net/...
Virginity Security Advisory 2005-001 : Hola CMS - File destruction and System access
Virginity Security Advisory 2005-001 DATE : 2005-03-12 15:45 GMT TYPE : remote VERSIONS AFFECTED : == hola-cms-1.4.9 http://holacms.drunkencat.net/...
SCSA028.txt
Security Corporation Security Advisory SCSA-028 Nuked-Klan Multiple Vulnerabilities PROGRAM: Nuked-KlaN HOMEPAGE: http://www.nuked-klan.org VULNERABLE VERSIONS: b1.4, b1.5, SP2 RISK: MEDIUM/HIGH...
[SCSA-028] Nuked-Klan Multiple Vulnerabilities
Security Corporation Security Advisory SCSA-028 Nuked-Klan Multiple Vulnerabilities PROGRAM: Nuked-KlaN HOMEPAGE: http://www.nuked-klan.org VULNERABLE VERSIONS: b1.4, b1.5, SP2 RISK: MEDIUM/HIGH...
bogofilter contrib/bogopass temp file vulnerability
bogofilter-SA-2002:01.bogopass Topic: vulnerability in bogopass Announcement: bogofilter-SA-2002:01 Writer: Matthias Andree Version: 1.00 Announced: 2002-11-29 Category: contrib Type: temporary file created insecurely Impact: anonymous local file destruction or change Credits: - Danger: medium th...
CVE-1999-1499
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used...
CVE-1999-1499
The CVE-1999-1499 entry describes a local privilege issue in ISC BIND 4.9 and 8.1. It is triggered by a symlink attack on either named_dump.db (when root kills the process with SIGINT) or named.stats (when SIGIOT is used), allowing local users to destroy files via the symlink mechanism. The linke...
[RHSA-2000:062-03] glint symlink vulnerability
Red Hat, Inc. Security Advisory Synopsis: glint symlink vulnerability Advisory ID: RHSA-2000:062-03 Issue date: 2000-09-19 Updated on: 2000-09-19 Product: Red Hat Linux Keywords: glint symlink rpm Cross references: N/A...
Advisory: mgetty local compromise
Author : Stan Bubrouski Date : August 26, 2000 Package : mgetty Versions affected : 1.1.22, 1.1.21 and prior at least back to 1994 Severity : faxrunqd follows symbolic links when creating certain files. The default location for the files is /var/spool/fax/outgoing, which is a world-writable...
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink
source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually a symbolic link to the world writable /tmp...