Debian: Security Advisory (DSA-857-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 760-1 (ekg)

The remote host is missing an update to ekg announced via advisory DSA 760-1. Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2005-1850...

Debian Security Advisory DSA 588-1 (gzip)

The remote host is missing an update to gzip announced via advisory DSA 588-1. OpenVAS Vulnerability Test $Id: deb5881.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 588-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

GLSA-200710-22 : TRAMP: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200710-22 TRAMP: Insecure temporary file creation Stefan Monnier discovered that the tramp-make-tramp-temp-file function creates temporary files in an insecure manner. Impact : A local attacker could create symbolic links in the...

FreeBSD : id3lib -- insecure temporary file creation (15ec9123-7061-11dc-b372-001921ab2fa4)

Debian Bug report log reports : When tagging file $foo, a temporary copy of the file is created, and for some reason, libid3 doesn't use mkstemp but just creates $foo.XXXXXX literally, without any checking. This would silently truncate and overwrite an existing $foo.XXXXXX. %NASLMINLEVEL 70300 C...

thttpd symbolic links problem

Insecure temporary file creation on logfiles rotation...

GLSA-200604-13 : fbida: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200604-13 fbida: Insecure temporary file creation Jan Braun has discovered that the 'fbgs' script provided by fbida insecurely creates temporary files in the '/var/tmp' directory. Impact : A local attacker could create links in th...

GLSA-200602-14 : noweb: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200602-14 noweb: Insecure temporary file creation Javier Fernandez-Sanguino has discovered that the lib/toascii.nw and shell/roff.mm scripts insecurely create temporary files with predictable filenames. Impact : A local attacker...

Ubuntu 4.10 : vim vulnerabilities (USN-61-1)

Javier Fernandez-Sanguino Pena noticed that the auxillary scripts 'tcltags' and 'vimspell.sh' created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the script either by calling it...

Mandrake Linux Security Advisory : graphviz (MDKSA-2005:188)

Javier Fernndez-Sanguino Pea discovered insecure temporary file creation in graphviz, a rich set of graph drawing tools, that can be exploited to overwrite arbitrary files by a local attacker. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C Tenable Network...

GLSA-200508-19 : lm_sensors: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200508-19 lmsensors: Insecure temporary file creation Javier Fernandez-Sanguino Pena has discovered that lmsensors insecurely creates temporary files with predictable filenames when saving configurations. Impact : A local attacker...

Debian DSA-760-1 : ekg - several vulnerabilities

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creatio...

[SECURITY] [DSA 760-1] New ekg packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 760-1 [email protected] http://www.debian.org/security/ Martin Schulze July 18th, 2005 http://www.debian.org/security/faq -...

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation source: https://www.securityfocus.com/bid/14293/info Skype is affected by an insecure temporary file creation vulnerability. Exploitation would most likely result in loss of data or a denial of service if critical files are...

Cscope 13.0/15.x - Insecure Temporary File Creation (1)

source: https://www.securityfocus.com/bid/11697/info Cscope creates temporary files in an insecure way. A design error causes the application to fail to verify the presence of a file before writing to it. During execution, the utility reportedly creates temporary files in the system's temporary...

Microsoft Virtual PC Services Insecure Temporary File Creation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Virtual PC Services Insecure Temporary File Creation Release Date: 02/10/2004 Application: Connectix Virtual PC 6.0.x Microsoft Virtual PC 6.1 Platform: Mac OS X Severity: Local privilege...

CVE-2001-1146

AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 is affected. The issue stems from creating temporary files with predictable names, enabling local users to perform a symlink attack to modify files. The description in the Connected documents confirms the root cause as predictable t...