openSUSE: Security Advisory for cinnamon (openSUSE-SU-2018:2121-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for cinnamon (openSUSE-SU-2018:2125-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for cinnamon (moderate)

This update for cinnamon fixes the following issues: Security issue fixed: - CVE-2018-13054: Fix symlink attack vulnerability boo1083067. Bug fixes: - Update to version 3.4.6 changes since 3.4.4: osdWindow.js: Always check the theme node on first showing - an actor's width isn't necessarily fille...

CVE-2018-1196

Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...

CVE-2014-4978

The rsfiltergraph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on 1 /tmp/rs-filter-graph.png or 2 /tmp/rs-filter-graph...

CVE-2015-5701

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700...

CVE-2015-5701

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700...

CVE-2015-1197

cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive...

CVE-2015-1194

pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive...

Adobe Reader Temporary Files Arbitrary File Overwrite Vulnerability - Linux

Adobe Reader is prone to symlink attack vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

xorg-x11-server: File existence disclosure vulnerability

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a temporary lock file, which is handled differently if the file exists...

Mandriva Linux Security Advisory : amarok (MDVSA-2008:172)

A flaw in Amarok prior to 1.4.10 would allow local users to overwrite arbitrary files via a symlink attack on a temporary file that Amarok created with a predictable name CVE-2008-3699. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security,...

CVE-2008-4996

init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is used in a single-user context; there's no possibility that this is exploitable...

Gentoo Security Advisory GLSA 200804-11 (policyd-weight)

The remote host is missing updates announced in advisory GLSA 200804-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Fedora Core 5 : kdebase-3.5.3-0.3.fc5 (2006-726)

Thu Jun 15 2006 Than Ngo 6:3.5.3-0.3.fc5 - fix BR - Wed Jun 14 2006 Than Ngo 6:3.5.3-0.2.fc5 - apply patch to to fix 194659, CVE-2006-2449 KDM symlink attack vulnerability thanks to KDE security team - Thu Jun 8 2006 Than Ngo 6:3.5.3-0.1.fc5 - update to 3.5.3 - Fri May 12 2006 Than Ngo...

linuxconf.txt

Date: Sat, 22 Aug 1998 20:35:42 -0500 From: Alex Mottram Subject: Security concerns in linuxconf shipped w/RedHat 5.1 There exists a security / DOS problem with linuxconf-1.11.r11-rh3/i386 as upgraded from RedHat's FTP site. No other versions have been tested by me. Both the maintainer of linuxco...