RPLY Predictable Tmpfile Names Allows Cache Spoofing

The parser cache functionality in parsergenerator.py in RPLY aka python-rply before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-.json file with a predictable name...

DEBIAN-CVE-2015-5706

Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via OTMPFILE filesystem operations that leverage a duplicate cleanup operation...

UBUNTU-CVE-2015-5706

Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via OTMPFILE filesystem operations that leverage a duplicate cleanup operation...

SuSE 11.2 Security Update : pcp (SAT Patch Number 7221)

pcp was updated to version 3.6.10 which fixes security issues and also brings a lot of new features. - Update to pcp-3.6.10. - Transition daemons to run under an unprivileged account. - Fixes for security advisory CVE-2012-5530: tmpfile flaws;. bnc782967 - Fix pcp1 command short-form pmlogger...

DEBIAN-CVE-2012-2093

src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the gettmpfilename function...

CVE-2008-3521

Race condition in the jasstreamtmpfile function in libjasper/base/jasstream.c in JasPer 1.900.1 allows local users to cause a denial of service program exit by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issu...

Fedora 8 : emacspeak-28.0-3.fc8 (2008-8423)

Fri Sep 26 2008 Jens Petersen - 28.0-3 - CVE-2008-4191 fix tmpfile vulnerability in extract-table.pl with emacspeak-28.0-tmpfile.patch from upstream svn 463819 - Fri Sep 26 2008 Jens Petersen - 28.0-2 - fix broken generated deps reported by mtasaka 463899 - script the replacement of tcl with...

Fedora Core 6 : xen-3.0.3-13.fc6 (2007-737)

Fri Oct 26 2007 Daniel P. Berrange - 3.1.0-13.fc6 - Fixed xenbaked tmpfile flaw CVE-2007-3919 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Debian DSA-770-1 : gopher - insecure tmpfile creating

John Goerzen discovered that gopher, a client for the Gopher Distributed Hypertext protocol, creates temporary files in an insecure fashion. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

Samba 'smbprint' script tmpfile vulnerability.

Product: Samba 'smbprint' script. http://www.samba.org Versions: All versions, but manifesting in different ways. Bug: Symlink bug / tmpfile bug. Impact: Attacker's can write to arbitrary files, and in theory, elevate privileges unlikely Risk: LOW Date: March 19, 2004 Author: Shaun Colley Email:...

smbprintsymlink.txt

Product: Samba 'smbprint' script. http://www.samba.org Versions: All versions, but manifesting in different ways. Bug: Symlink bug / tmpfile bug. Impact: Attacker's can write to arbitrary files, and in theory, elevate privileges unlikely Risk: LOW Date: March 19, 2004 Author: Shaun Colley Email:...