1110 matches found

exploitpack
added 2012/10/12 12:0 a.m., 17 views

Metasploit 4.4 - pcap_log Plugin Privilege Escalation (Metasploit)

Metasploit 4.4 - pcaplog Plugin Privilege Escalation Metasploit This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...

0.6 AI score
Exploits 0

NVD
added 2012/10/10 6:55 p.m., 15 views

CVE-2012-4454

openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapixpk or (2) .pkcs11spinloc file in /tmp...

2.9 CVSS | 6.2 AI score | 0.00655 EPSS
Exploits 0 | References 13

OSV
added 2012/10/10 6:55 p.m., 1 view

DEBIAN-CVE-2012-4454

openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapixpk or (2) .pkcs11spinloc file in /tmp...

2.9 CVSS | 6.7 AI score | 0.00655 EPSS
Exploits 0 | References 1

UbuntuCve
added 2012/10/10 6:55 p.m., 17 views

CVE-2012-5355

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

3.3 CVSS | 5.9 AI score | 0.00033 EPSS
Exploits 0 | References 5

Cvelist
added 2012/10/10 6:0 p.m., 13 views

CVE-2012-5355

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp...

6.3 AI score | 0.00033 EPSS
Exploits 0 | References 5

UbuntuCve
added 2012/10/07 9:55 p.m., 21 views

CVE-2011-4363

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS...

2.6 CVSS | 5.9 AI score | 0.00035 EPSS
Exploits 0 | References 1

Debian CVE
added 2012/10/07 9:0 p.m., 18 views

CVE-2011-4363

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS...

2.6 CVSS | 5.9 AI score | 0.00035 EPSS
Exploits 0

Tenable Nessus
added 2012/09/06 12:0 a.m., 36 views

Mandrake Linux Security Advisory : MandrakeUpdate (MDKSA-2000:034)

There is a possible race condition in MandrakeUpdate that has the potential for users to tamper with RPMs downloaded by MandrakeUpdate prior to them being installed. This is due to files being stored in the /tmp directory. This is a very low security-risk as most servers that provide user logins...

5.5 AI score
Exploits 0

NVD
added 2012/09/05 11:55 p.m., 17 views

CVE-2012-3537

The Crowbar Ohai plugin chef/cookbooks/ohai/files/default/plugins/crowbar.rb in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names...

4.6 CVSS | 7.2 AI score | 0.00239 EPSS
Exploits 1 | References 10

Cvelist
added 2012/09/05 11:0 p.m., 24 views

CVE-2012-3537

The Crowbar Ohai plugin chef/cookbooks/ohai/files/default/plugins/crowbar.rb in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names...

7.2 AI score | 0.00239 EPSS
Exploits 1 | References 10

NVD
added 2012/08/31 9:55 p.m., 15 views

CVE-2011-5146

Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot...

2.6 CVSS | 6.4 AI score | 0.00034 EPSS
Exploits 0 | References 5

ATTACKERKB
added 2012/08/31 9:55 p.m., 1 view

CVE-2011-5146

Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot...

2.6 CVSS | 5.6 AI score | 0.00034 EPSS
Exploits 0 | References 6

Packet Storm
added 2012/07/20 12:0 a.m., 21 views

Sun Update Manager /tmp Clobber

author http://packetstormsecurity.org/user/lcashdol/ Noticed this during routine patching. /tmp file clobbering vulnerability in Sun Update manager. 7/15/2012 noticed this while patching my lab solaris system tonight. larry@s0l4r1s:/tmp$ ln -s /etc/shadow com.sun.swup.client.LOCK updatemanager is...

7.4 AI score
Exploits 0

securityvulns
added 2012/04/19 12:0 a.m., 39 views

Mathematica8.0.4 on Linux /tmp/MathLink vulnerability

The problem reported for Mathematica became worse at version 8.0.4, present for the command-line interface "math" also. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...

1 AI score
Exploits 0

Packet Storm
added 2012/04/16 12:0 a.m., 36 views

Mathematica On Linux /tmp Vulnerability

"If you're doing anything technical, think Mathematica --..." http://www.wolfram.com/products/mathematica/index.html Mathematica7 on Linux uses the /tmp/MathLink directory in insecure ways. Mathematica creates or re-uses an existing /tmp/MathLink directory, and overwrites files within and follows...

7.4 AI score
Exploits 0

Prion
added 2012/03/27 7:55 p.m., 13 views

Code injection

@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary code via an e-mail attachment with an executable extension, leading to the creation of an executable file under tmp/...

7.5 CVSS | 8.3 AI score | 0.0241 EPSS
Exploits 0 | References 4 | Affected Software 1

Tenable Nessus
added 2012/03/22 12:0 a.m., 16 views

Fedora 17 : iproute-3.2.0-3.fc17 (2012-2818)

Address dangerous /tmp files security issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

3.3 CVSS | 5.3 AI score | 0.0012 EPSS
Exploits 0 | References 3

Exploit DB
added 2012/03/13 12:0 a.m., 29 views

LightDM 1.0.6 - Arbitrary File Deletion

source: https://www.securityfocus.com/bid/52452/info Light Display Manager LightDM is prone to a local arbitrary-file-deletion vulnerability. A local attacker can exploit this issue to delete arbitrary files with administrator privileges. Light Display Manager LightDM 1.0.6 is vulnerable. Other...

7.4 AI score
Exploits 0

securityvulns
added 2012/03/09 12:0 a.m., 42 views

gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk

Title: Gnome terminal, xfce4-terminal, terminator and other libVTE based terminals write scrollback buffer data to /tmp filesystem Report date: 2011-03-06 Reported by: Mark Krenz Severity: High depending on use and expectations Software: libVTE v0.21.6 and later since September 17th, 2009 Copy of...

6.9 AI score
Exploits 0

Oracle linux
added 2012/03/01 12:0 a.m., 21 views

sos security, bug fix, and enhancement update

1.7-9.62.0.1.el5 - add patch to remove all sysrq echo commands from sysreport.legacy John Sobecki orabug 11061754 - comment out rh-upload-core and README.rh-upload-core in specfile 1.7-9.62 - Always log plugin exceptions that are not raised to the interpreter Resolves: bz717480 - Ensure relative...

4.3 CVSS | 6.4 AI score | 0.00205 EPSS
Exploits 0