8 matches found
Unauthorized File Access
awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to insecure symlink resolution during the build process, which causes the contents of symlinks to be copied into the local workspace cache as regular files, allows an attacker to access restricted files...
Privilege Escalation
github.com/rclone/rclone is vulnerable to Privilege Escalation. The vulnerability is due to insecure handling of symlinks with the --links and --metadata flags, allows unprivileged users to exploit symlinks to modify the ownership and permissions of target files when copied by a privileged proces...
TeamViewer < 15.52 Insecure Symlink Following (tv-2024-1002)
The version of TeamViewer Client installed on the remote MacOS host is prior to 15.52. It is, therefore, affected by an insecure symlink following vulnerability. A local attacker with unprivileged access could potentially elevate privileges or conduct a denial-of-service attack by overwriting the...
CVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that...
Debian DSA-1550-1 : suphp - programming error
It was discovered that suphp, an Apache module to run PHP scripts with owner permissions handles symlinks insecurely, which may lead to privilege escalation by local users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-1550-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 17, 2008 http://www.debian.org/security/faq -...
SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit
Exploit for solaris platform in category dos / poc ============================================================= SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit ============================================================= !/usr/local/bin/perl -w The problem is catman creates files ...
Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit
Exploit for unknown platform in category dos / poc ============================================================= Solaris 2.7 / 2.8 Catman - Local Insecure tmp Symlink Exploit ============================================================= !/usr/local/bin/perl -w The problem is catman creates files ...