624 matches found
USN-63-1: MySQL client vulnerability
Javier Fernández-Sanguino Peña noticed that the "mysqlaccess" program created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program...
CVE-2004-1901
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles...
PT-2004-2799 · Gentoo · Portage
Name of the Vulnerable Software and Affected Versions: Portage versions prior to 2.0.50-r3 Description: The issue allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. This is a result of a hard link attack vulnerability in the lockfiles of Portage...
USN-51-1: teTeX auxiliary script vulnerability
Javier Fernández-Sanguino Peña noticed that "xdvizilla", an auxiliary script to integrate DVI file viewing in Mozilla-based browsers, created temporary files and directories in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges o...
Cscope 13.0/15.x - Insecure Temporary File Creation (2)
// source: https://www.securityfocus.com/bid/11697/info Cscope creates temporary files in an insecure way. A design error causes the application to fail to verify the presence of a file before writing to it. During execution, the utility reportedly creates temporary files in the system's temporar...
Cscope 13.015.x - Insecure Temporary File Creation (1)
Cscope 13.015.x - Insecure Temporary File Creation 1 source: https://www.securityfocus.com/bid/11697/info Cscope creates temporary files in an insecure way. A design error causes the application to fail to verify the presence of a file before writing to it. During execution, the utility reportedl...
Local root compromise possible with getmail
The following vulnerabilities apply to all releases of getmail prior to 3.2.5, and all version 4 releases prior to 4.2.0. They do not apply where getmail is run as an unprivileged user, or where an unprivileged external MDA is used for the final delivery of mail. They are not exploitable remotely...
Mandrake Linux Security Advisory : webmin (MDKSA-2004:101)
A vulnerability in webmin was discovered by Ludwig Nussel. A temporary directory was used in webmin, however it did not check for the previous owner of the directory. This could allow an attacker to create the directory and place dangerous symbolic links inside. The updated packages are patched t...
MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/11212/info RsyncX is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. A local attacker may exploit this vulnerability to execute...
GLSA-200404-01 : Insecure sandbox temporary lockfile vulnerabilities in Portage
The remote host is affected by the vulnerability described in GLSA-200404-01 Insecure sandbox temporary lockfile vulnerabilities in Portage A flaw in Portage's sandbox wrapper has been found where the temporary lockfiles are subject to a hard-link attack which allows linkable files to be...
GLSA-200404-08 : GNU Automake symbolic link vulnerability
The remote host is affected by the vulnerability described in GLSA-200404-08 GNU Automake symbolic link vulnerability Automake may be vulnerable to a symbolic link attack which may allow an attacker to modify data or escalate their privileges. This is due to the insecure way Automake creates...
Insecure Temporary File Creation In MySQL
Background MySQL is a popular open-source multi-threaded, multi-user SQL database server. Description The MySQL bug reporting utility mysqlbug creates a temporary file to log bug reports to. A malicious local user with write access to the /tmp directory could create a symbolic link of the name...
GNU Automake symbolic link vulnerability
Background Automake is a tool for automatically generating Makefile.in' files which is often used in conjuction with Autoconf and other GNU Autotools to ease portability among applications. It also provides a standardized and light way of writing complex Makefiles through the use of many built-in...
AzDGDatingLite 2.1.1 - index.php?language Cross-Site Scripting
AzDGDatingLite 2.1.1 - index.php?language Cross-Site Scripting source: https://www.securityfocus.com/bid/10084/info Multiple cross-site scripting vulnerabilities have been reported in AzDGDatingLite. These issues may be exploited by enticing a victim user to visit a malicious link that includes...
Insecure sandbox temporary lockfile vulnerabilities in Portage
Background Portage is Gentoo's package management system which is responsible for installing, compiling and updating any ebuilds on the system through the Gentoo rsync tree. Under default configurations, most ebuilds run under a sandbox which prevent the build process writing to the "real" system...
Microsoft Windows XP - Help and Support Center Interface Spoofing
Microsoft Windows XP - Help and Support Center Interface Spoofing source: https://www.securityfocus.com/bid/9685/info A weakness has been alleged in Microsoft Windows XP that could reportedly allow aspects of the Help and Support Center interface to be spoofed via a malicious link. By spoofing th...
CVE-2003-1155
X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file...
CVE-2003-1366
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information...
Musicqueue 1.2 - SIGSEGV Signal Handler Insecure File Creation
Musicqueue 1.2 - SIGSEGV Signal Handler Insecure File Creation // source: https://www.securityfocus.com/bid/8899/info A vulnerability has been reported for Musicqueue. The problem specifically occurs within a signal handling procedure used invoked when a segmentation violation occurs. The procedu...
Musicqueue 1.2 - SIGSEGV Signal Handler Insecure File Creation
// source: https://www.securityfocus.com/bid/8899/info A vulnerability has been reported for Musicqueue. The problem specifically occurs within a signal handling procedure used invoked when a segmentation violation occurs. The procedure invokes a library function, passing it the name of a...