1117 matches found

securityvulns
added 2006/05/03 12:0 a.m., 36 views

ejabberd installation script symbolic links problem

Insecure /tmp files creations...

AI score: 1.5
Exploits: 0, References: 1, Affected Software: 1
Tenable Nessus
added 2006/04/26 12:0 a.m., 16 views

GLSA-200604-13 : fbida: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200604-13 fbida: Insecure temporary file creation Jan Braun has discovered that the 'fbgs' script provided by fbida insecurely creates temporary files in the '/var/tmp' directory. Impact : A local attacker could create links in th...

CVSS: 1.2, AI score: 5.5, EPSS: 0.00361
Exploits: 0, References: 2
0day.today
added 2006/04/16 12:0 a.m., 15 views

linux/x86 SWAP store shellcode 99 bytes

Exploit for linux/x86 platform in category shellcode ======================================= linux/x86 SWAP store shellcode 99 bytes ======================================= / linux-x86-swap-store.c - SWAP store shellcode 99 bytes for Linux/x86 Copyright c 2006 Gotfault Security & rfdslabs Authors...

AI score: 7
Exploits: 0
seebug.org
added 2006/04/16 12:0 a.m., 18 views

linux/x86 SWAP store shellcode 99 bytes

No description provided by source. / linux-x86-swap-store.c - SWAP store shellcode 99 bytes for Linux/x86 Copyright c 2006 Gotfault Security & rfdslabs Authors: dx [email protected] spud [email protected] This shellcode reads the content of '/tmp/sws' and stores on swap device at offset 3133...

AI score: 7.1
Exploits: 0
securityvulns
added 2006/04/15 12:0 a.m., 40 views

Avast Linux Home Edition (vulnerability on a temporary folder creation)

Title : Avast Linux Home Edition, vulnerability on a temporary folder creation Product : Avast! Linux Home Edition Product : http://www.avast.com/eng/download-avast-for-linux-edition.html Version : 1.0.5, 1.0.5-1 avast4workstation-1.0.5-1.i586.rpm avast4workstation-1.0.5.tar.gz Vuln Found :...

AI score: 7
Exploits: 0
OSV
added 2006/04/11 10:2 a.m., 1 views

DEBIAN-CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVSS: 1.2, AI score: 6.3, EPSS: 0.00361
Exploits: 0, References: 1
UbuntuCve
added 2006/03/31 11:6 a.m., 25 views

CVE-2006-1566

Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...

CVSS: 4.6, AI score: 5.9, EPSS: 0.00489
Exploits: 1, References: 1
Prion
added 2006/03/31 11:6 a.m., 17 views

Design/Logic Flaw

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...

CVSS: 4.6, AI score: 6.8, EPSS: 0.00478
Exploits: 1, References: 3, Affected Software: 1
OSV
added 2006/03/31 11:6 a.m., 3 views

DEBIAN-CVE-2006-1564

Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...

CVSS: 4.6, AI score: 7, EPSS: 0.00478
Exploits: 1, References: 1
Cvelist
added 2006/03/31 11:0 a.m., 17 views

CVE-2006-1565

Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...

AI score: 6.6, EPSS: 0.00483
Exploits: 1, References: 3
securityvulns
added 2006/03/08 12:0 a.m., 30 views

[Full-disclosure] capi4hylafax insecure manipulation with tmp files

capi4hylafax suite http://freshmeat.net/projects/capi4hylafax/ is addon for hylafax fax server http://www.hylafax.org/ vulnerable: capi4hylafax-01.03.00 /probably others/ in capi4hylafax-01.03.00/src/faxrecv/faxrecv.cpp : ifdef GENERATEDEBUGSFFDATAFILE dwarning DebugSffDataFile == 0; if...

AI score: 0.8
Exploits: 0
Prion
added 2006/02/25 11:2 a.m., 14 views

Information disclosure

NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) the tmp directory, which lists names of uploaded attachments...

CVSS: 5, AI score: 6.3, EPSS: 0.01719
Exploits: 1, References: 7, Affected Software: 1
CVE
added 2006/02/25 11:0 a.m., 51 views

CVE-2006-0893

NOCC Webmail 1.0 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by directly requesting files in (1) the profiles directory (exposing e-mail addresses from profile filenames) and (2) the tmp directory (revealing uploaded attachment names). T...

CVSS: 5, AI score: 6.1, EPSS: 0.01719
Exploits: 1, References: 7, Affected Software: 1
Cvelist
added 2006/02/25 11:0 a.m., 15 views

CVE-2006-0893

NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) the tmp directory, which lists names of uploaded attachments...

AI score: 6.1, EPSS: 0.01719
Exploits: 1, References: 7
Tenable Nessus
added 2006/01/29 12:0 a.m., 21 views

Mandrake Linux Security Advisory : perl-Net_SSLeay (MDKSA-2006:023)

Javier Fernandez-Sanguino Pena discovered that the perl Net::SSLeay module used the file /tmp/entropy as a fallback entropy source if a proper source was not set via the environment variable EGDPATH. This could potentially lead to weakened cryptographic operations if an attacker was able to provi...

CVSS: 4.6, AI score: 5.4, EPSS: 0.00347
Exploits: 0, References: 1
securityvulns
added 2006/01/27 12:0 a.m., 43 views

Weak Net::SSLeay perl module encryption

The /tmp/entropy file is used for entropy gathering if no entropy source is specified with the EGDPATH environment variable. An attacker can fill the file with known data...

AI score: 3.3
Exploits: 0, References: 1
Tenable Nessus
added 2005/10/05 12:0 a.m., 20 views

Mandrake Linux Security Advisory : smb4k (MDKSA-2005:157)

A severe security issue has been discovered in Smb4K. By linking a simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker could get access to the full contents of the /etc/super.tab or /etc/sudoers file, respectively, because Smb4K didn't check for the existence of these files befor...

CVSS: 2.1, AI score: 5.4, EPSS: 0.00364
Exploits: 0, References: 2
Packet Storm
added 2005/08/14 12:0 a.m., 37 views

x_aix5_bellmail.pl.txt

-bash-2.05b$ -bash-2.05b$ cat xaix5bellmail.pl !/usr/bin/perl FileName: xaix5bellmail.pl Exploit "Race condition vulnerability BUGTRAQ ID: 8805" of /usr/bin/bellmail command on Aix5 to change any file owner to current user. Usage : xaix5bellmail.pl aimfile aimfile : then file wich you want to cho...

AI score: 7.4
Exploits: 0
Tenable Nessus
added 2005/07/13 12:0 a.m., 12 views

FreeBSD : mod_dosevasive -- insecure temporary file creation (88ff90f2-6e43-11d9-8c87-000a95bc6fae)

An LSS Security Advisory reports : When a denial of service attack is detected, mod_dosevasive will, among other things, create a temporary file which it will use to trace actions from the offensive IP address. This file is insecurely created in /tmp and its name is easily predictable. It is then...

AI score: 5.8
Exploits: 0, References: 3
NVD
added 2005/06/09 4:0 a.m., 16 views

CVE-2005-1944

xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp...

CVSS: 2.1, AI score: 6.4, EPSS: 0.00334
Exploits: 0, References: 5