924 matches found
DEBIAN-CVE-2006-0512
PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by 1 migrateallonline.sh, 2 migratealloffline.sh, 3 migrateallnetinfoonline.sh, 4 migrateallnetinfooffline.s...
CVE-2005-3647
Folder Guard allows local users to bypass protections by running from or installing to the temporary files directory...
security flaw
fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack...
DEBIAN-CVE-2005-2995
bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on 1 the temporary file used by autoconf/randpass when openssl is not available, or 2 the mtx.PID temporary file in mtx-changer.in...
CVE-2005-2519
slpd in Directory Services in Mac OS X 10.3.9 creates insecure temporary files as root, which allows local users to gain privileges...
CVE-2002-2081
cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service disk consumption via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp...
Oracle Forms Builder Password in Temp Files
Name Oracle Forms Builder Password in Temp Files Systems Affected Oracle Formsbuilder 9.0.4 Severity Low Risk Category Information disclosure of passwords Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 12 July 2005 V 1.00 Advisory AKSEC2003-006...
PT-2005-2836 · Lutelwall · Lutelwall
Name of the Vulnerable Software and Affected Versions: LutelWall versions 0.97 and earlier Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. This is a result of a symlink attack vulnerability...
PT-2005-2837 · Unknown · Everybuddy
Name of the Vulnerable Software and Affected Versions: everybuddy versions 0.4.3 and earlier Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. This is a result of a symlink attack vulnerability...
CVE-2005-0787
Wine 20050211 and earlier creates temp files with world readable permissions and predictable file names, which allows local users to obtain sensitive information, such as passwords...
DEBIAN-CVE-2005-0990
unshar unshar.c in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file...
CVE-2005-0200
TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386...
CVE-2005-0787
Wine 20050211 and earlier creates temp files with world readable permissions and predictable file names, which allows local users to obtain sensitive information, such as passwords...
CVE-2005-0787
Wine 20050211 and earlier creates temp files with world readable permissions and predictable file names, which allows local users to obtain sensitive information, such as passwords...
security flaw
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such a...
CVE-2005-0787
Wine 20050211 and earlier creates temporary registry dump files in /tmp with world-readable permissions and predictable names, enabling local users to read sensitive data (e.g., passwords). The issue is documented across multiple feeds (NVD, OSV, UBUNTU/CVE pages, OpenVAS listings) with consisten...
Foxmail 1.1.0.1 POP3 Temp Dir Stack Overflow Exploit
No description provided by source. include winsock.h include windows.h include stdio.h include conio.h pragma comment lib,"ws232" define PORTOFFSET 118 define IPOFFSET 111 char Shellcode = "\xEB\x10\x5B\x4B\x33\xC9\x66\xB9\x25\x01\x80\x34\x0B\x99\xE2\xFA" "\xEB\x05\xE8\xEB\xFF\xFF\xFF"...
Foxmail 1.1.0.1 - POP3 Temp Dir Stack Overflow
include include include include pragma comment lib,"ws232" define PORTOFFSET 118 define IPOFFSET 111 char Shellcode = "\xEB\x10\x5B\x4B\x33\xC9\x66\xB9\x25\x01\x80\x34\x0B\x99\xE2\xFA" "\xEB\x05\xE8\xEB\xFF\xFF\xFF" "\x70\x62\x99\x99\x99\xC6\xFD\x38\xA9\x99\x99\x99\x12\xD9\x95\x12"...
Fedora Core 2 : krb5-1.3.6-1 (2004-563)
A heap based buffer overflow bug was found in the administration library of Kerberos 1.3.5 and earlier. This overflow in the password history handling code could allow an authenticated remote attacker to execute commands on a realm's master Kerberos KDC. The Common Vulnerabilities and Exposures...
Debian DSA-016-3 : wu-ftpd - temp file creation and format string
Security people at WireX have noticed a temp file creation bug and the WU-FTPD development team has found a possible format string bug in wu-ftpd. Both could be remotely exploited, though no such exploit exists currently. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...