22 matches found
EUVD-2008-7226
Malware in sbrugna...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2008-7273
CVE-2008-7273 describes a symlink issue in Iceweasel-firegpg before 0.6 caused by insecure tempfile handling. Affected component is Iceweasel-firegpg; root cause is insecure tempfile handling leading to a symlink-related vulnerability. The CVSS data in the linked records indicates a local attack ...
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
CVE-2011-3618
CVE-2011-3618 relates to a symlink attack caused by insecure tempfile handling in the tool described as “atop.” The linked records (NVD, OSV, Debian/Ubuntu trackers and others) consistently cite this issue as a local‑attack vulnerability with insecure tempfile handling, leading to potential expos...
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling...
Insecure tempfile handling Vulnerability in TWiki (Sep 2008)
TWiki is prone to an insecure temp file handling vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:twiki:twiki";...
[Full-disclosure] SimpleCDR-X - Insecure tempfile handling
SimpleCDR-X - Insecure tempfile handling +----------------------------------------+ Date: 2005-09-15 URL: http://ogre.rocky-road.net/cdr.shtml Vendor Notified: Days ago, no answer. Version: 1.3.3 latest - Description - Files beeing recorded can be read by any user on the system due to insecure...
GLSA-200411-22 : Davfs2, lvm-user: Insecure tempfile handling
The remote host is affected by the vulnerability described in GLSA-200411-22 Davfs2, lvm-user: Insecure tempfile handling Florian Schilhabel from the Gentoo Linux Security Audit Team found that Davfs2 insecurely created .pid files in /tmp. Furthermore, Trustix Secure Linux found that the...
GLSA-200411-17 : mtink: Insecure tempfile handling
The remote host is affected by the vulnerability described in GLSA-200411-17 mtink: Insecure tempfile handling Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files. Impact : A local attacker could create symbolic links in the temporary files directory...
mtink: Insecure tempfile handling
Background mtink is a status monitor and inkjet cartridge changer for some Epson printers. Description Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files. Impact A local attacker could create symbolic links in the temporary files directory, pointing...
GLSA-200410-25 : Netatalk: Insecure tempfile handling in etc2ps.sh
The remote host is affected by the vulnerability described in GLSA-200410-25 Netatalk: Insecure tempfile handling in etc2ps.sh The etc2ps.sh script creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the temporary...
Netatalk: Insecure tempfile handling in etc2ps.sh
Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description The etc2ps.sh script creates temporary files in...
glibc: Insecure tempfile handling in catchsegv script
Background glibc is a package that contains the GNU C library. Description The catchsegv script creates temporary files in world-writeable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere o...
GLSA-200410-19 : glibc: Insecure tempfile handling in catchsegv script
The remote host is affected by the vulnerability described in GLSA-200410-19 glibc: Insecure tempfile handling in catchsegv script The catchsegv script creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the...
Debian DSA-037-1 : Athena Widget replacement libraries - insecure tempfile handling
It has been reported that the AsciiSrc and MultiSrc widget in the Athena widget library handle temporary files insecurely. Joey Hess has ported the bugfix from XFree86 to these Xaw replacements libraries. The fixes are available in nextaw 0.5.1-34potato1, xaw3d 1.3-6.9potato1, and xaw95...
[SECURITY] [DSA 037-1] New versions of Athena Widget replacement libraries available
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Debian Security Advisory DSA-037-1 [email protected] http://www.debian.org/security/ Martin Schulze March 7, 2001 -...