2 matches found
CVE-2005-2809
The CVE-2005-2809 entry concerns the silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier. A local user can overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file, indicating a symlink/race condition in the temporary file handling. Conc...
CVE-2003-1439
Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 are affected, with passwords and sessions stored in plaintext in memory. The root cause is in-memory plaintext storage, enabling local users to obtain sensitive information. The available documents do not provide further details on affect...