7 matches found
EUVD-2016-10399
Malware in sbrugna...
katello-debug Arbitrary File Overwrite Vulnerability
Katello is a system management engine that provides workflows for configuration management, subscription management and content management. katello-debug is one of the debuggers. An arbitrary file overwrite vulnerability exists in versions prior to katello-debug 3.4.0, which stems from the use of...
CVE-2016-9595
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files...
CVE-2016-9595
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files...
CVE-2016-9595
Summary: CVE-2016-9595 affects katello-debug before 3.4.0. Affected component uses insecure temporary files for scripts and logs, enabling a local attacker to perform a symbolic-link attack to overwrite arbitrary files. This is supported by multiple sources (NVD entry, CNVD entry, Veracode note, ...
katello-debug: Possible symlink attacks due to use of predictable file names
A flaw was found in katello-debug where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files...
CVE-2016-9595
A flaw was found in katello-debug where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files...