1124 matches found
CVE-2007-6358
pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.PID.tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS...
openSUSE 10 Security Update : xen (xen-4616)
This update merges back the Xen version from SLES 10 Service Pack 1 to the 10.1 codebase, which should make it work again. Nevertheless, we recommend that Xen users use the latest openSUSE release, 10.3, for Xen usage. Additionally, a /tmp race was fixed (CVE-2007-3919).
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
Directory traversal
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
DEBIAN-CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
CVE-2007-4129
CVE-2007-4129 affects CoolKey 1.1.0, where a local attacker can exploit a symlink in /tmp/.pk11ipc1/ to overwrite arbitrary files. This is a local impact vulnerability with the root cause in how temporary folders are created. Public sources confirm the issue and reference vendor advisories and pa...
coolkey file and directory permission flaw
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
Fedora 7 : po4a-0.32-4.fc7 (2007-1763)
This update fixes a potential security problem information leak due to use of predictable name in /tmp. There is no CVE assignment yet. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automaticall...
CVE-2002-2382
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out...
GDM: Local Denial of service
Background GDM is the GNOME display manager. Description The result of a gstrsplit call is incorrectly parsed in the files daemon/gdm.c, daemon/gdmconfig.c, gui/gdmconfig.c and gui/gdmflexiserver.c, allowing for a null pointer dereference. Impact A local user could send a crafted message to...
po4a symbolic links problem
Symbolic links problem on /tmp/gettextization.failed.po file creation...
CVE-2007-3852
The init script sysstat.in in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code...
Command injection
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command...
CVE-2007-0751
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command...
netperf netserver symbolic links vulnerability
Symbolic links vulnerability on /tmp/netperf.debug file creation...
SUSE-SA:2006:073: mono-core
The remote host is missing the patch for the advisory SUSE-SA:2006:073 mono-core. Sebastian Krahmer of SUSE Security found that the Mono System.Xml.Serialization class contained a /tmp race which potentially allows local attackers to execute code as the user using the Serialization method. This i...
TWiki vulnerable to arbitrary code execution via CGI session files
Overview TWiki fails to protect the CGI session directory, which may allow an attacker to execute arbitrary code with the privileges of the web server. Description TWiki is a web-based collaborative publishing environment. TWiki creates CGI session files in the global /tmp directory, which is...
GLSA-200701-19 : OpenLDAP: Insecure usage of /tmp during installation
The remote host is affected by the vulnerability described in GLSA-200701-19 OpenLDAP: Insecure usage of /tmp during installation Tavis Ormandy of the Gentoo Linux Security Team has discovered that the file gencert.sh distributed with the Gentoo ebuild for OpenLDAP does not exit upon the existenc...
[ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation
Gentoo Linux Security Advisory GLSA 200701-19 http://security.gentoo.org/ Severity:...