Lucene search
K

280 matches found

CVE
CVE
added 2006/02/25 11:0 a.m.53 views

CVE-2006-0893

NOCC Webmail 1.0 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by directly requesting files in (1) the profiles directory (exposing e-mail addresses from profile filenames) and (2) the tmp directory (revealing uploaded attachment names). T...

5CVSS6.1AI score0.01719EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2005/05/17 4:0 a.m.50 views

CVE-2005-1632

CVE-2005-1632 affects Cheetah 0.9.15 and 0.9.16. The root cause is that the runtime searches /tmp for modules before honoring PYTHONPATH, enabling a local attacker to execute arbitrary code via a malicious module placed in /tmp/. The linked Red Hat and Debian trackers echo this same issue. No exp...

7.2CVSS7.2AI score0.00433EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/05/17 4:0 a.m.18 views

CVE-2005-1632

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

7.2AI score0.00433EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.18 views

GLSA-200404-01 : Insecure sandbox temporary lockfile vulnerabilities in Portage

The remote host is affected by the vulnerability described in GLSA-200404-01 Insecure sandbox temporary lockfile vulnerabilities in Portage A flaw in Portage's sandbox wrapper has been found where the temporary lockfiles are subject to a hard-link attack which allows linkable files to be...

5.6AI score
Exploits0References1
CERT
CERT
added 2004/01/23 12:0 a.m.26 views

HP-UX shar utility creates files with predictable names in "/tmp" directory

Overview The shar program distributed with some versions of the HP-UX operating system creates files insecurely. This vulnerability could allow local users to gain escalated privilege on the system. Description shar is a program commonly available on UNIX systems to create a shell script that wil...

7.2AI score
Exploits0References1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.18 views

CVE-2002-0377

Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files...

6.1AI score0.00363EPSS
Exploits0References5
securityvulns
securityvulns
added 2002/12/24 12:0 a.m.29 views

Matlab /tmp usage

INTRODUCTION MATLAB is "The Language of Technical Computing" http://www.mathworks.com/ PROBLEM As installed on UNIX machines, matlab uses shell scripts to launch; these scripts use files in /tmp in an unsafe way. DETAILS The matlab script uses /tmp/$$a and may clobber it, allowing an attacker to...

7.6AI score
Exploits0
securityvulns
securityvulns
added 2002/01/15 12:0 a.m.43 views

Некорректная работа с идентификаторами сеансов в PHP4 (session spoofing)

Идентификаторы сеансов хранятся в директории /tmp...

0.5AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2001/01/13 12:0 a.m.22 views

SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)

source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition in the rctab script could allow an...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/13 12:0 a.m.30 views

SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)

source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition in the rctab script could allow an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/01/13 12:0 a.m.19 views

SuSE 6.x7.0 - MkDir Error Handling rctab Race Condition (1)

SuSE 6.x7.0 - MkDir Error Handling rctab Race Condition 1 source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE...

7.4AI score
Exploits0
CERT
CERT
added 2000/12/19 12:0 a.m.24 views

KTH Kerberos filesystem race condition on tickets stored in /tmp

Overview There may be a race condition during the creation of Kerberos ticket files in the /tmp directory. This race condition may allow intruders with local access to the system to gain root privileges. Description During the creation of ticket files in the /tmp directory, a sequence of calls...

7.2CVSS6.2AI score0.00409EPSS
Exploits0References1
securityvulns
securityvulns
added 2000/11/14 12:0 a.m.24 views

DoS через AnswerBook 2

При некоторых условиях не удаляются временные файлы, что приводит к переполнению /tmp...

0.8AI score
Exploits0References1Affected Software1
NVD
NVD
added 2000/10/20 4:0 a.m.15 views

CVE-2000-0718

A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed...

1.2CVSS6.2AI score0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.19 views

CVE-2000-0718

A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed...

6.2AI score0.00263EPSS
Exploits0References2
CVE
CVE
added 2000/07/12 4:0 a.m.52 views

CVE-2000-0363

Linux cdwtools 093 and earlier contain a local privilege escalation vulnerability: local users can gain root privileges via the /tmp directory. The issue is described across CVE-2000-0363 records and NVD, with a base score of 6.2 (MEDIUM). Exploitation details are not provided in the supplied doc...

6.2CVSS7AI score0.00331EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2000/05/11 12:0 a.m.28 views

Possible symlink problems with Netscape 4.73

It appears that Netscape 4.73 and earlier versions incorrectly creates a temporary file in '/tmp' when importing certificates: ... open"/tmp/tmp3919AA5000A07DC", OWRONLY|OCREAT|OTRUNC, 0666 = 25 fchmod25, 0600 = 0 fstat25, stmode=0,stsize=0, ... = 0 ... Netscape doesn't try to stat/lstat the file...

0.8AI score
Exploits0
Cvelist
Cvelist
added 2000/04/26 4:0 a.m.25 views

CVE-2000-0293

aaabase in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaabase when it deletes expired files from the /tmp directory...

6.4AI score0.00694EPSS
Exploits0References1
NVD
NVD
added 2000/04/22 4:0 a.m.14 views

CVE-2000-0458

The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information...

2.1CVSS6.1AI score0.00329EPSS
Exploits0References2
NVD
NVD
added 1999/10/22 4:0 a.m.27 views

CVE-2000-0363

Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory...

6.2CVSS6.6AI score0.00331EPSS
Exploits0References2
Rows per page
Query Builder