
1117 matches found

NVD
added 2008/05/14 6:20 p.m., 18 views

CVE-2008-2216

Unrestricted file upload vulnerability in src/yopyupload.php in Project-Based Calendaring System PBCS 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads...

CVSS 9, AI score 6.4, EPSS 0.02864
Exploits 1, References 3
Packet Storm
added 2008/05/01 12:0 a.m., 23 views

pbcs-multi.txt

Project Based Calendaring System PBCS Version 0.7.1 Multiple Vulnerabilities Script: http://www.pbcs.org/pbcsdownload.php Poc : Hi str0ke Thanx To Posted but I Want Add Some Vulns In This Script 1- remote file upload http://localhost/pbcs-0.7.1-1/src/yopyupload.php after upload you can get you fi...

AI score 7.4
Exploits 0
Tenable Nessus
added 2008/04/11 12:0 a.m., 16 views

Fedora 8 : comix-3.6.4-6.fc8 (2008-2981)

Several security flaws are reported against comix 3.6.4. One issue is that comix uses os.popen to execute external commands without handling filenames properly. This may allow malicious users to execute arbitrary commands by opening some files with crafted names. This issue is now identified as...

CVSS 7.5, AI score 5.7, EPSS 0.02304
Exploits 0, References 4
UbuntuCve
added 2008/04/02 5:44 p.m., 23 views

CVE-2008-1633

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

CVSS 10, AI score 5.9, EPSS 0.01528
Exploits 0, References 1
Prion
added 2008/04/02 5:44 p.m., 9 views

Code injection

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

CVSS 10, AI score 7.1, EPSS 0.01528
Exploits 0, References 4, Affected Software 1
NVD
added 2008/04/02 5:44 p.m., 14 views

CVE-2008-1633

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

CVSS 10, AI score 6.5, EPSS 0.01528
Exploits 0, References 4
CVE
added 2008/04/02 5:0 p.m., 33 views

CVE-2008-1633

CVE-2008-1633 affects Mondo Rescue before 2.2.5. Multiple connected sources describe an unspecified vulnerability with unknown impact and attack vectors, linked to the use of /tmp and MINDI_CACHE. The documents do not provide concrete root cause analysis, affected subcomponents, exploit details, ...

CVSS 10, AI score 6.5, EPSS 0.01528
Exploits 0, References 4, Affected Software 1
Cvelist
added 2008/04/02 5:0 p.m., 17 views

CVE-2008-1633

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

AI score 6.5, EPSS 0.01528
Exploits 0, References 4
Prion
added 2008/03/31 10:44 p.m., 23 views

Information disclosure

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...

CVSS 2.1, AI score 6, EPSS 0.00296
Exploits 0, References 17, Affected Software 4
Tenable Nessus
added 2008/02/27 12:0 a.m., 18 views

SuSE 10 Security Update : acroread (ZYPP Patch Number 5042)

Adobe Acrobat Reader 8.1.2 contained a /tmp race in its 'acroread' wrapper script in the SSL certificate handling. CVE-2008-0883 Furthermore it contained several duplicated copies of system libraries, which have been removed for this update to make sure they are up-to-date security wise by using...

CVSS 3.7, AI score 5.4, EPSS 0.0077
Exploits 1, References 2
exploitpack
added 2008/02/21 12:0 a.m., 32 views

X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition

X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition !/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data...

CVSS 6.2, AI score 6.3, EPSS 0.00902
Exploits 6
Tenable Nessus
added 2008/02/11 12:0 a.m., 20 views

Fedora 7 : openldap-2.3.34-6.fc7 (2008-1307)

Tue Feb 5 2008 Jan Safranek 2.3.34-6 - fix CVE-2007-6698 431409 - Mon Jan 14 2008 Jan Safranek 2.3.34-5 - fix default slurpd directory to /var/lib/ldap 424831 - Fri Nov 2 2007 Jan Safranek 2.3.34-4 - fix various security flaws 360081 - Fri Jul 13 2007 Jan Safranek 2.3.34-3 - Fix initscript return...

CVSS 4, AI score 5.5, EPSS 0.02044
Exploits 3, References 3
Tenable Nessus
added 2008/02/06 12:0 a.m., 9 views

SuSE 10 Security Update : Geronimo (ZYPP Patch Number 4967)

A chown in the geronimo init script could change ownership of directories it did not own, due to following symlinks. The default setup would corrupt /var/tmp on start. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

AI score 5.5
Exploits 0
Prion
added 2007/12/20 12:46 a.m., 10 views

Improper access control

phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies...

CVSS 6.4, AI score 6.8, EPSS 0.02088
Exploits 1, References 3, Affected Software 1
Debian CVE
added 2007/12/15 1:0 a.m., 27 views

CVE-2007-6358

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.PID.tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS...

CVSS 4.9, AI score 6.1, EPSS 0.00467
Exploits 1
Tenable Nessus
added 2007/11/14 12:0 a.m., 38 views

openSUSE 10 Security Update : xen (xen-4616)

This update merges back the Xen version from SLES 10 Service Pack 1 to the 10.1 codebase, which should make it work again. Nevertheless we recommend Xen users to use the latest openSUSE release 10.3 for Xen usage. Additionally a /tmp race was fixed CVE-2007-3919. %NASLMINLEVEL 70300 C Tenable...

CVSS 6, AI score 8.2, EPSS 0.00333
Exploits 0, References 1
UbuntuCve
added 2007/11/08 11:46 a.m., 22 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

CVSS 3.3, AI score 6, EPSS 0.00301
Exploits 1, References 1
Prion
added 2007/11/08 11:46 a.m., 18 views

Directory traversal

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

CVSS 3.3, AI score 6.3, EPSS 0.00301
Exploits 1, References 7, Affected Software 1
OSV
added 2007/11/08 11:46 a.m., 1 views

DEBIAN-CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

CVSS 3.3, AI score 6.7, EPSS 0.00301
Exploits 1, References 1
Debian CVE
added 2007/11/08 11:0 a.m., 25 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

CVSS 3.3, AI score 6.1, EPSS 0.00301
Exploits 1