7 matches found
EUVD-2008-5357
Malware in sbrugna...
Code injection
gpsdrive aka gpsdrive-scripts 2.09 allows local users to overwrite arbitrary files via a symlink attack on an a /tmp/geo, a b /tmp/geocaching.loc, a c /tmp/geo., or a d /tmp/geo. temporary file, related to the 1 geo-code and 2 geo-nearest scripts, different vectors than CVE-2008-4959...
CVE-2008-5380
gpsdrive aka gpsdrive-scripts 2.09 allows local users to overwrite arbitrary files via a symlink attack on an a /tmp/geo, a b /tmp/geocaching.loc, a c /tmp/geo., or a d /tmp/geo. temporary file, related to the 1 geo-code and 2 geo-nearest scripts, different vectors than CVE-2008-4959...
CVE-2008-5380
Gpsdrive (gpsdrive-scripts) has multiple local-privilege vectors via symlink attacks in /tmp (geo-*.coords, geo.google, geo.yahoo, geo.# etc.), affecting versions around 2.09–2.10~pre4. The root cause is insecure temporary-file handling in geo-code/geo-nearest and related scripts, allowing local ...
CVE-2008-4959
geo-code in gpsdrive-scripts 2.10pre4 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/geo.google, 2 /tmp/geo.yahoo, 3 /tmp/geo.coords, and 4 /tmp/geo.coords temporary files...
CVE-2008-4959
geo-code in gpsdrive-scripts 2.10pre4 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/geo.google, 2 /tmp/geo.yahoo, 3 /tmp/geo.coords, and 4 /tmp/geo.coords temporary files...
Code injection
geo-code in gpsdrive-scripts 2.10pre4 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/geo.google, 2 /tmp/geo.yahoo, 3 /tmp/geo.coords, and 4 /tmp/geo.coords temporary files...