34 matches found
CVE-2005-1759
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751...
CVE-2005-1759
CVE-2005-1759 concerns a race condition in shtool 2.0.1 and earlier where a local attacker could exploit a symlink attack on temporary files created by shtool to modify or create arbitrary files. Connected sources confirm the vulnerability is tied to shtool shipped with PHP and note that updates ...
shtool shell tools set synbolic links problem
gentmpfile symbolic links problem...
[ GLSA 200506-08 ] GNU shtool, ocaml-mysql: Insecure temporary file creation
Gentoo Linux Security Advisory GLSA 200506-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
GLSA-200506-08 : GNU shtool, ocaml-mysql: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200506-08 GNU shtool, ocaml-mysql: Insecure temporary file creation Eric Romang has discovered that GNU shtool insecurely creates temporary files with predictable filenames CAN-2005-1751. On closer inspection, Gentoo Security...
GNU shtool, ocaml-mysql: Insecure temporary file creation
Background GNU shtool is a compilation of small shell scripts into a single shell tool. The ocaml-mysql package includes the GNU shtool code. Description Eric Romang has discovered that GNU shtool insecurely creates temporary files with predictable filenames CAN-2005-1751. On closer inspection,...
shtool insecure temporary file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 shtool insecure temporary file creation Vendor: http://www.gnu.org/software/shtool/ Advisory: http://www.zataz.net/adviso/shtool-05252005.txt Vendor informed: no more vendor Exploit available: yes Impact : low Exploitation : low shtool contain a...
CVE-2005-1751
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759...
CVE-2005-1751
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759...
CVE-2005-1751
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759...
CVE-2005-1751
CVE-2005-1751 describes a local race-condition in shtool 2.0.1 and earlier where a symlink attack on the .shtool.$$ temp file lets a local user create or modify arbitrary files. This is associated with PHP-supplied shtool in multiple advisories (e.g., Gentoo/OpenVAS entries and Debian/CentOS noti...
CVE-2005-1751
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759...
DEBIAN-CVE-2005-1751
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759...
shtool -- insecure temporary file creation
A Zataz advisory reports that shtool contains a security flaw which could allow a malicious local user to create or overwrite the contents of arbitrary files. The attacker could fool a user into executing the arbitrary file possibly executing arbitrary code...