5 matches found
PT-2025-2690 · Glog +2 · Glog +2
Name of the Vulnerable Software and Affected Versions: glog (affected versions not specified). Description: The issue arises when logs are written to a widely-writable directory, allowing an unprivileged attacker to predict a privileged process's log file path and create a symbolic link to a sensiti...
SUSE CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
Apache Tomcat's default security policy is too open
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
GLSA-200405-20 : Insecure Temporary File Creation In MySQL
The remote host is affected by the vulnerability described in GLSA-200405-20 (Insecure Temporary File Creation In MySQL). The MySQL bug reporting utility mysqlbug creates a temporary file to log bug reports to. A malicious local user with write access to the /tmp directory could create a symbolic li...
ROS-2-2129
2.2129 Multiple Exim Server Vulnerabilities. 1. Vulnerability description: CVE-2020-28007. Vulnerability in the Exim message forwarding agent, related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...