Lucene search

1111 matches found

Cvelist
added 2008/11/05 2:51 p.m. | 31 views

CVE-2008-4956

fwbinstall in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent. temporary file...

6.1 AI score | 0.00026 EPSS
Exploits: 1 | References: 5

Debian CVE
added 2008/11/05 2:51 p.m. | 8 views

CVE-2008-4960

impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/-tmp.ps and (2) /tmp/bboxx- temporary files...

6.9 CVSS | 6.2 AI score | 0.00028 EPSS
Exploits: 1

UbuntuCve
added 2008/10/07 9:11 p.m. | 14 views

CVE-2008-4476

sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympaaliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability...

6.9 CVSS | 6 AI score | 0.00023 EPSS
Exploits: 0 | References: 1

Debian CVE
added 2008/10/07 9:0 p.m. | 15 views

CVE-2008-4476

sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympaaliases.$$ temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability...

6.9 CVSS | 4.7 AI score | 0.00023 EPSS
Exploits: 0

Prion
added 2008/10/03 5:41 p.m. | 17 views

Design/Logic Flaw

XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten...

2.1 CVSS | 6.7 AI score | 0.00053 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2008/10/03 5:18 p.m. | 17 views

CVE-2008-4407

XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten...

6.2 AI score | 0.00053 EPSS
Exploits: 0 | References: 2

CVE
added 2008/09/29 5:0 p.m. | 66 views

CVE-2008-4192

CVE-2008-4192 affects CMAN fence_egenera (cman 2.20080629/2.20080801); local attacker can overwrite arbitrary files via a symlink attack on /tmp/eglog. Connected advisories reference Red Hat/CentOS fence updates (RHSA-2011:0266, RHBA-2010:0266) and Ubuntu USN-875-1 confirming insecure temporary f...

6.9 CVSS | 5.9 AI score | 0.00131 EPSS
Exploits: 0 | References: 18 | Affected Software: 1

Cvelist
added 2008/09/29 5:0 p.m. | 25 views

CVE-2008-4192

The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

5.9 AI score | 0.00131 EPSS
Exploits: 0 | References: 18

UbuntuCve
added 2008/09/29 12:0 a.m. | 23 views

CVE-2008-4192

The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

6.9 CVSS | 6 AI score | 0.00131 EPSS
Exploits: 0 | References: 2

OSV
added 2008/09/15 5:12 p.m. | 1 views

DEBIAN-CVE-2008-4085

plaiter in Plait before 1.6 allows local users to overwrite arbitrary files via a symlink attack on (1) cut.$$, (2) head.$$, (3) awk.$$, and (4) ps.$$ temporary files in /tmp/...

4.4 CVSS | 6.6 AI score | 0.00037 EPSS
Exploits: 0 | References: 1

NVD
added 2008/09/02 3:41 p.m. | 8 views

CVE-2008-3883

configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/roken.pike temporary file...

7.2 CVSS | 6.3 AI score | 0.00027 EPSS
Exploits: 0 | References: 8

seebug.org
added 2008/07/30 12:0 a.m. | 20 views

Extmail security vulnerability

ExtMail Project is an active open-source mail system project, currently by ExtMail...

7.1 AI score
Exploits: 0

seebug.org
added 2008/07/16 12:0 a.m. | 24 views

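GNU make /tmp vulnerability

GNU make has a vulnerability when processing makefile content supplied via standard input. GNU make creates files in the /tmp directory without checking whether those files already exist or whether they are symbolic links, so an attacker can simply create a symbolic link pointing to another file on the system. The attacker can create files with the identity of the user running make; if that user is root, root privileges will be obtained. GNU make 3.77-44 S.u.S.E. Linux 6.3 S.u.S.E. Linux 6.1 SuSE has released patches: ftp://ftp.suse.com/pub/suse/i386/update for Intel processors...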

7.1 AI score
Exploits: 0

RedHat Linux
added 2008/06/24 9:19 a.m. | 2 views

sblim: libraries built with insecure RPATH

Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el46.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el52.1 in RHEL 5, allows local users to gain privileges via a malicious library...

4.6 CVSS | 5.8 AI score | 0.00123 EPSS
Exploits: 0 | References: 4

NVD
added 2008/05/14 6:20 p.m. | 18 views

CVE-2008-2216

Unrestricted file upload vulnerability in src/yopyupload.php in Project-Based Calendaring System (PBCS) 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads...

9 CVSS | 6.4 AI score | 0.04398 EPSS
Exploits: 1 | References: 3

Packet Storm
added 2008/05/01 12:0 a.m. | 22 views

pbcs-multi.txt

Project Based Calendaring System PBCS Version 0.7.1 Multiple Vulnerabilities Script: http://www.pbcs.org/pbcsdownload.php Poc : Hi str0ke Thanx To Posted but I Want Add Some Vulns In This Script 1- remote file upload http://localhost/pbcs-0.7.1-1/src/yopyupload.php after upload you can get you fi...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2008/04/11 12:0 a.m. | 16 views

Fedora 8 : comix-3.6.4-6.fc8 (2008-2981)

Several security flaws are reported against comix 3.6.4. One issue is that comix uses os.popen to execute external commands without handling filenames properly. This may allow malicious users to execute arbitrary commands by opening some files with crafted names. This issue is now identified as...

7.5 CVSS | 5.7 AI score | 0.00905 EPSS
Exploits: 0 | References: 4

Prion
added 2008/04/02 5:44 p.m. | 9 views

Code injection

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

10 CVSS | 7.1 AI score | 0.00366 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2008/04/02 5:44 p.m. | 13 views

CVE-2008-1633

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

10 CVSS | 6.5 AI score | 0.00366 EPSS
Exploits: 0 | References: 4

UbuntuCve
added 2008/04/02 5:44 p.m. | 22 views

CVE-2008-1633

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE...

10 CVSS | 5.9 AI score | 0.00366 EPSS
Exploits: 0 | References: 1