Lucene search
K

156 matches found

Ubuntu
Ubuntu
added 2004/10/28 3:6 p.m.57 views

USN-4-1: Standard C library script vulnerabilities

Recently, Trustix Secure Linux discovered some vulnerabilities in the libc6 package. The utilities "catchsegv" and "glibcbug" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

2.1CVSS5.4AI score0.00394EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2004/10/27 9:45 a.m.59 views

USN-5-1: gettext vulnerabilities

Recently, Trustix Secure Linux discovered some vulnerabilities in the gettext package. The programs "autopoint" and "gettextize" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

2.1CVSS5.5AI score0.00399EPSS
Exploits0
Ubuntu
Ubuntu
added 2004/10/27 9:42 a.m.60 views

USN-3-1: GhostScript utility script vulnerabilities

Recently, Trustix Secure Linux discovered some vulnerabilities in the gs-common package. The utilities "pv.sh" and "ps2epsi" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

7.2CVSS5.4AI score0.00474EPSS
Exploits0
CVE
CVE
added 2004/10/20 4:0 a.m.79 views

CVE-2004-0972

CVE-2004-0972 concerns the lvmcreate_initrd helper in the Trustix/ lvm package (lvm1) where a temporary-directory creation flaw enables a local attacker to perform a symlink-based overwrite of arbitrary files. The described root cause is insecure handling of temporary files by the script, allowin...

2.1CVSS5.8AI score0.00393EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2004/10/20 4:0 a.m.27 views

CVE-2004-0974

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

6AI score0.00393EPSS
Exploits0References3
CVE
CVE
added 2004/10/20 4:0 a.m.66 views

CVE-2004-0974

CVE-2004-0974 concerns the Netatalk package where a local user can overwrite files via a symlink attack on temporary files. The initial description specifies Trustix Secure Linux 1.5–2.1 and possibly other OSes as affected, with the root cause being insecure temporary-file handling in etc2ps.sh. ...

2.1CVSS6AI score0.00393EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2004/10/20 4:0 a.m.19 views

CVE-2004-0974

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

2.1CVSS6AI score0.00393EPSS
Exploits0
Debian CVE
Debian CVE
added 2004/10/20 4:0 a.m.21 views

CVE-2004-0971

The krb5-send-pr script in the kerberos5 krb5 package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

2.1CVSS6AI score0.00328EPSS
Exploits0
Debian CVE
Debian CVE
added 2004/10/20 4:0 a.m.24 views

CVE-2004-0966

The 1 autopoint and 2 gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

2.1CVSS5.9AI score0.00399EPSS
Exploits0
Debian CVE
Debian CVE
added 2004/10/20 4:0 a.m.25 views

CVE-2004-0976

Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files...

2.1CVSS6AI score0.00427EPSS
Exploits0
Debian CVE
Debian CVE
added 2004/10/20 4:0 a.m.32 views

CVE-2004-0975

The derchop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files...

2.1CVSS5.6AI score0.00415EPSS
Exploits0
CVE
CVE
added 2004/10/20 4:0 a.m.86 views

CVE-2004-0967

Ghostscript (espgs) in Trustix Secure Linux 1.5–2.1 and other OSes is affected by CVE-2004-0967 due to insecure temporary file handling in the scripts pj-gs.sh, ps2epsi, pv.sh, and sysvlp.sh. The vulnerability allows local attackers to overwrite files via a symlink attack on temporary files creat...

7.2CVSS5.8AI score0.00474EPSS
Exploits0References13Affected Software1
CVE
CVE
added 2004/10/20 4:0 a.m.68 views

CVE-2004-0969

Technical details for CVE-2004-0969 are not publicly provided in the supplied connected documents. The materials reference the vulnerability generally (symlink attack in groff), but do not contain product/version/impact/fix specifics. Monitor for updates.

2.1CVSS8.6AI score0.00377EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2004/10/20 4:0 a.m.31 views

CVE-2004-0969

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

2.1CVSS6AI score0.00377EPSS
Exploits0
Cvelist
Cvelist
added 2004/10/20 4:0 a.m.27 views

CVE-2004-0967

The 1 pj-gs.sh, 2 ps2epsi, 3 pv.sh, and 4 sysvlp.sh scripts in the ESP Ghostscript espgs package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files...

5.8AI score0.00474EPSS
Exploits0References13
CVE
CVE
added 2004/10/20 4:0 a.m.87 views

CVE-2004-0971

The CVE-2004-0971 issue affects the krb5-send-pr script in the krb5 package, allowing local users to overwrite files via a symlink attack on temporary files. Description in the sources notes this vulnerability for Trustix Secure Linux 1.5–2.1 and potentially other OSes. The vulnerability originat...

2.1CVSS5.9AI score0.00328EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2004/10/20 4:0 a.m.40 views

CVE-2004-0966

The 1 autopoint and 2 gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

5.8AI score0.00399EPSS
Exploits0References9
Cvelist
Cvelist
added 2004/10/20 4:0 a.m.41 views

CVE-2004-0969

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...

8.6AI score0.00377EPSS
Exploits0References7
CVE
CVE
added 2004/10/20 4:0 a.m.53 views

CVE-2004-0966

CVE-2004-0966 : The GNU gettext package (versions 1.14 and later) contains insecure handling in the autopoint and gettextize scripts that can create or overwrite files via a symlink attack on temporary files. This affects Trustix Secure Linux 1.5–2.1 and other OSs that ship gettext. The vulnerabi...

2.1CVSS5.8AI score0.00399EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2004/10/20 4:0 a.m.78 views

CVE-2004-0976

CVE-2004-0976 affects the perl package, notably in Trustix Secure Linux 1.5–2.1 and similar OSes, due to a symlink attack that lets local users overwrite files via temporary files. Root cause is insecure temporary file handling in Perl modules; impact is local with partial integrity impact and no...

2.1CVSS5.8AI score0.00427EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder