2384 matches found
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
Design/Logic Flaw
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
Arbitrary file deletion
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
CVE-2008-5367
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
CVE-2008-5367
CVE-2008-5367 refers to a local privilege escalation in ip-up of ppp-udeb 2.4.4rel on Debian GNU/Linux, allowing local users to overwrite arbitrary files via a symlink attack on /tmp/resolv.conf.tmp. Connected sources confirm the issue and list affected package constraints (ppp-udeb 2.4.4rel on D...
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
CVE-2008-5366
CVE-2008-5366 affects the postinst script of the Debian/PPP package (ppp 2.4.4rel). A local attacker can exploit a symlink vulnerability to overwrite arbitrary files via temporary files in /tmp (/tmp/probe-finished or /tmp/ppp-errors). Impact is described as local, with potential data corruption ...
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
CVE-2008-5367
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
[SECURITY] [DSA 1683-1] New streamripper packages fix potential code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1683-1 [email protected] http://www.debian.org/security/ Florian Weimer December 08, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1678-1] New perl packages fix privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-1678-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 03, 2008 http://www.debian.org/security/faq -...
Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC
No description provided by source. !/bin/bash - echo ' include string.h include stdlib.h include unistd.h include utmp.h include sys/types.h include stdio.h int mainint argc, char argv struct utmp entry; int i; entry.uttype=LOGINPROCESS; strcpyentry.utline,"/tmp/x"; entry.uttime=0;...
[SECURITY] [DSA 1676-1] New flamethrower packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1676-1 [email protected] http://www.debian.org/security/ dann frazier December 01, 2008 http://www.debian.org/security/faq -...
Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC
Exploit for linux platform in category local exploits ======================================================================= Debian GNU/Linux symlink attack in login Arbitrary File Ownership PoC ======================================================================= !/bin/bash - echo ' include...
Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC
No description provided by source. !/bin/bash - echo ' include string.h include stdlib.h include unistd.h include utmp.h include sys/types.h include stdio.h int mainint argc, char argv struct utmp entry; int i; entry.uttype=LOGINPROCESS; strcpyentry.utline,"/tmp/x"; entry.uttime=0;...
[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1673-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 29, 2008 http://www.debian.org/security/faq -...
CVE-2008-5142
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...
Design/Logic Flaw
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...
CVE-2008-5142
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...
CVE-2008-5142
The affected component is sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux. It is vulnerable to a local, pre-auth race where an attacker can overwrite arbitrary files through a symlink attack on a /tmp/pr.##### temporary file, indicating a local-privilege escalation/vector due to insecure ...