280 matches found
CVE-2006-0893
NOCC Webmail 1.0 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by directly requesting files in (1) the profiles directory (exposing e-mail addresses from profile filenames) and (2) the tmp directory (revealing uploaded attachment names). T...
CVE-2005-1632
CVE-2005-1632 affects Cheetah 0.9.15 and 0.9.16. The root cause is that the runtime searches /tmp for modules before honoring PYTHONPATH, enabling a local attacker to execute arbitrary code via a malicious module placed in /tmp/. The linked Red Hat and Debian trackers echo this same issue. No exp...
CVE-2005-1632
Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...
GLSA-200404-01 : Insecure sandbox temporary lockfile vulnerabilities in Portage
The remote host is affected by the vulnerability described in GLSA-200404-01 Insecure sandbox temporary lockfile vulnerabilities in Portage A flaw in Portage's sandbox wrapper has been found where the temporary lockfiles are subject to a hard-link attack which allows linkable files to be...
HP-UX shar utility creates files with predictable names in "/tmp" directory
Overview The shar program distributed with some versions of the HP-UX operating system creates files insecurely. This vulnerability could allow local users to gain escalated privilege on the system. Description shar is a program commonly available on UNIX systems to create a shell script that wil...
CVE-2002-0377
Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files...
Matlab /tmp usage
INTRODUCTION MATLAB is "The Language of Technical Computing" http://www.mathworks.com/ PROBLEM As installed on UNIX machines, matlab uses shell scripts to launch; these scripts use files in /tmp in an unsafe way. DETAILS The matlab script uses /tmp/$$a and may clobber it, allowing an attacker to...
Некорректная работа с идентификаторами сеансов в PHP4 (session spoofing)
Идентификаторы сеансов хранятся в директории /tmp...
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)
source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition in the rctab script could allow an...
SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)
source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition in the rctab script could allow an...
SuSE 6.x7.0 - MkDir Error Handling rctab Race Condition (1)
SuSE 6.x7.0 - MkDir Error Handling rctab Race Condition 1 source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE...
KTH Kerberos filesystem race condition on tickets stored in /tmp
Overview There may be a race condition during the creation of Kerberos ticket files in the /tmp directory. This race condition may allow intruders with local access to the system to gain root privileges. Description During the creation of ticket files in the /tmp directory, a sequence of calls...
DoS через AnswerBook 2
При некоторых условиях не удаляются временные файлы, что приводит к переполнению /tmp...
CVE-2000-0718
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed...
CVE-2000-0718
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed...
CVE-2000-0363
Linux cdwtools 093 and earlier contain a local privilege escalation vulnerability: local users can gain root privileges via the /tmp directory. The issue is described across CVE-2000-0363 records and NVD, with a base score of 6.2 (MEDIUM). Exploitation details are not provided in the supplied doc...
Possible symlink problems with Netscape 4.73
It appears that Netscape 4.73 and earlier versions incorrectly creates a temporary file in '/tmp' when importing certificates: ... open"/tmp/tmp3919AA5000A07DC", OWRONLY|OCREAT|OTRUNC, 0666 = 25 fchmod25, 0600 = 0 fstat25, stmode=0,stsize=0, ... = 0 ... Netscape doesn't try to stat/lstat the file...
CVE-2000-0293
aaabase in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaabase when it deletes expired files from the /tmp directory...
CVE-2000-0458
The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information...
CVE-2000-0363
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory...