1124 matches found

Debian CVE
added 2007/12/15 1:0 a.m. | 28 views

CVE-2007-6358

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.PID.tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS...

4.9 CVSS | 6.1 AI score | 0.00467 EPSS
Exploits 1

Tenable Nessus
added 2007/11/14 12:0 a.m. | 38 views

openSUSE 10 Security Update : xen (xen-4616)

This update merges back the Xen version from SLES 10 Service Pack 1 to the 10.1 codebase, which should make it work again. Nevertheless we recommend Xen users to use the latest openSUSE release 10.3 for Xen usage. Additionally a /tmp race was fixed CVE-2007-3919. %NASLMINLEVEL 70300 C Tenable...

6 CVSS | 8.2 AI score | 0.00333 EPSS
Exploits 0 | References 1

UbuntuCve
added 2007/11/08 11:46 a.m. | 23 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3 CVSS | 6 AI score | 0.00301 EPSS
Exploits 1 | References 1

Prion
added 2007/11/08 11:46 a.m. | 18 views

Directory traversal

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3 CVSS | 6.3 AI score | 0.00301 EPSS
Exploits 1 | References 7 | Affected Software 1

OSV
added 2007/11/08 11:46 a.m. | 1 views

DEBIAN-CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3 CVSS | 6.7 AI score | 0.00301 EPSS
Exploits 1 | References 1

Debian CVE
added 2007/11/08 11:0 a.m. | 25 views

CVE-2007-4129

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3 CVSS | 6.1 AI score | 0.00301 EPSS
Exploits 1

CVE
added 2007/11/08 11:0 a.m. | 61 views

CVE-2007-4129

CVE-2007-4129 affects CoolKey 1.1.0, where a local attacker can exploit a symlink in /tmp/.pk11ipc1/ to overwrite arbitrary files. This is a local impact vulnerability with the root cause in how temporary folders are created. Public sources confirm the issue and reference vendor advisories and pa...

3.3 CVSS | 6 AI score | 0.00301 EPSS
Exploits 1 | References 7 | Affected Software 1

RedHat Linux
added 2007/11/07 9:0 a.m. | 6 views

coolkey file and directory permission flaw

CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...

3.3 CVSS | 5.9 AI score | 0.00301 EPSS
Exploits 1 | References 4

Tenable Nessus
added 2007/11/06 12:0 a.m. | 28 views

Fedora 7 : po4a-0.32-4.fc7 (2007-1763)

This update fixes a potential security problem information leak due to use of predictable name in /tmp. There is no CVE assignment yet. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automaticall...

5.5 AI score
Exploits 0 | References 1

Cvelist
added 2007/10/31 4:0 p.m. | 13 views

CVE-2002-2382

cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out...

6.6 AI score | 0.00311 EPSS
Exploits 0 | References 3

Gentoo Linux
added 2007/09/18 12:0 a.m. | 17 views

GDM: Local Denial of service

Background: GDM is the GNOME display manager. Description: The result of a g_strsplit call is incorrectly parsed in the files daemon/gdm.c, daemon/gdmconfig.c, gui/gdmconfig.c and gui/gdmflexiserver.c, allowing for a null pointer dereference. Impact: A local user could send a crafted message to...

1.5 CVSS | 6.1 AI score | 0.00327 EPSS
Exploits 1

securityvulns
added 2007/09/14 12:0 a.m. | 27 views

po4a symbolic links problem

Symbolic links problem on /tmp/gettextization.failed.po file creation...

3.3 CVSS | 1.6 AI score | 0.00302 EPSS
Exploits 0 | References 1 | Affected Software 1

Debian CVE
added 2007/08/14 6:0 p.m. | 16 views

CVE-2007-3852

The init script sysstat.in in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code...

4.4 CVSS | 4.5 AI score | 0.00433 EPSS
Exploits 0

Prion
added 2007/05/24 10:30 p.m. | 19 views

Command injection

A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command...

2.1 CVSS | 6.8 AI score | 0.00321 EPSS
Exploits 1 | References 8 | Affected Software 2

Cvelist
added 2007/05/24 10:0 p.m. | 28 views

CVE-2007-0751

A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command...

7.1 AI score | 0.00321 EPSS
Exploits 1 | References 8

securityvulns
added 2007/03/18 12:0 a.m. | 29 views

netperf netserver symbolic links vulnerability

Symbolic links vulnerability on /tmp/netperf.debug file creation...

4.4 CVSS | 1.9 AI score | 0.003 EPSS
Exploits 0 | Affected Software 1

Tenable Nessus
added 2007/02/18 12:0 a.m. | 28 views

SUSE-SA:2006:073: mono-core

The remote host is missing the patch for the advisory SUSE-SA:2006:073 mono-core. Sebastian Krahmer of SUSE Security found that the Mono System.Xml.Serialization class contained a /tmp race which potentially allows local attackers to execute code as the user using the Serialization method. This i...

6.2 CVSS | 5.8 AI score | 0.00449 EPSS
Exploits 0

CERT
added 2007/02/08 12:0 a.m. | 23 views

TWiki vulnerable to arbitrary code execution via CGI session files

Overview: TWiki fails to protect the CGI session directory, which may allow an attacker to execute arbitrary code with the privileges of the web server. Description: TWiki is a web-based collaborative publishing environment. TWiki creates CGI session files in the global /tmp directory, which is...

4.6 CVSS | 7 AI score | 0.00375 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2007/01/26 12:0 a.m. | 21 views

GLSA-200701-19 : OpenLDAP: Insecure usage of /tmp during installation

The remote host is affected by the vulnerability described in GLSA-200701-19 (OpenLDAP: Insecure usage of /tmp during installation). Tavis Ormandy of the Gentoo Linux Security Team has discovered that the file gencert.sh distributed with the Gentoo ebuild for OpenLDAP does not exit upon the existenc...

4.6 CVSS | 5.7 AI score | 0.00347 EPSS
Exploits 0 | References 2

securityvulns
added 2007/01/24 12:0 a.m. | 30 views

[ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation

Gentoo Linux Security Advisory GLSA 200701-19. http://security.gentoo.org/ Severity:...

0.1 AI score
Exploits 0