Search
Total
427 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1378 | 1 Fetchmail | 1 Fetchmail | 2011-02-16 | 2.1 LOW | N/A |
| fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | |||||
| CVE-2008-5313 | 1 Mailscanner | 1 Mailscanner | 2010-12-28 | 6.9 MEDIUM | N/A |
| mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file. | |||||
| CVE-2008-4639 | 1 Sentex | 1 Jhead | 2010-12-28 | 4.6 MEDIUM | N/A |
| jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2008-5312 | 1 Mailscanner | 1 Mailscanner | 2010-12-28 | 6.9 MEDIUM | N/A |
| mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140. | |||||
| CVE-2010-4173 | 1 Openfabrics | 1 Libsdp | 2010-11-30 | 3.3 LOW | N/A |
| The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file. | |||||
| CVE-2009-5007 | 1 Cisco | 1 Anyconnect Ssl Vpn | 2010-11-11 | 3.3 LOW | N/A |
| The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files. | |||||
| CVE-2010-2794 | 2 Mozilla, Redhat | 2 Firefox, Spice-xpi | 2010-09-08 | 3.3 LOW | N/A |
| The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file. | |||||
| CVE-2010-2056 | 1 Gnu | 1 Gv | 2010-07-22 | 3.3 LOW | N/A |
| GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2009-1299 | 1 Pulseaudio | 1 Pulseaudio | 2010-06-29 | 6.9 MEDIUM | N/A |
| The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file. | |||||
| CVE-2010-2192 | 1 Vincent Fourmond | 1 Pmount | 2010-06-22 | 1.9 LOW | N/A |
| The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/. | |||||
| CVE-2010-0546 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-06-17 | 3.3 LOW | N/A |
| Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | |||||
| CVE-2010-1160 | 1 Gnu | 1 Nano | 2010-06-07 | 1.9 LOW | N/A |
| GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. | |||||
| CVE-2009-1526 | 1 Jbmc-software | 1 Directadmin | 2010-03-29 | 6.9 MEDIUM | N/A |
| JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATH_INFO to the CMD_DB script during a backup action. | |||||
| CVE-2009-3304 | 1 Gforge | 1 Gforge | 2009-12-07 | 3.3 LOW | N/A |
| GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php. | |||||
| CVE-2008-4975 | 1 Debian | 1 Newsgate | 2009-09-15 | 6.9 MEDIUM | N/A |
| mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file. | |||||
| CVE-2008-4980 | 1 Zak B Elep | 1 Rccp | 2009-09-15 | 6.9 MEDIUM | N/A |
| delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | |||||
| CVE-2008-4979 | 1 Shrubbery | 1 Rancid | 2009-09-15 | 6.9 MEDIUM | N/A |
| getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files. | |||||
| CVE-2008-5371 | 1 Marc Gloor | 1 Screenie | 2009-09-11 | 6.9 MEDIUM | N/A |
| screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file. | |||||
| CVE-2008-5375 | 1 Cmus | 1 Cmus | 2009-09-11 | 6.9 MEDIUM | N/A |
| cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file. | |||||
| CVE-2008-4960 | 1 Dov Grobgeld | 1 Impose\+ | 2009-08-26 | 6.9 MEDIUM | N/A |
| impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files. | |||||
| CVE-2008-4954 | 1 Fumitoshi Ukai | 1 Fml | 2009-08-26 | 6.9 MEDIUM | N/A |
| mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file. | |||||
| CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2009-08-26 | 6.9 MEDIUM | N/A |
| fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file. | |||||
| CVE-2008-4947 | 1 Guus Sliepen | 1 Dhis-server | 2009-08-26 | 6.9 MEDIUM | N/A |
| dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file. | |||||
| CVE-2008-5703 | 1 Gpsdrive | 1 Gpsdrive | 2009-08-19 | 6.2 MEDIUM | N/A |
| gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vectors than CVE-2008-4959 and CVE-2008-5380. | |||||
| CVE-2008-5380 | 1 Gpsdrive | 1 Gpsdrive | 2009-08-19 | 6.9 MEDIUM | N/A |
| gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959. | |||||
| CVE-2008-4943 | 1 Iglues | 1 Bulmages-servers | 2009-07-21 | 6.9 MEDIUM | N/A |
| bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts. | |||||
| CVE-2008-4953 | 1 Firehol | 1 Firehol | 2009-07-20 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks." | |||||
| CVE-2008-4946 | 1 Convirture | 1 Convirt | 2009-07-20 | 6.9 MEDIUM | N/A |
| convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/. | |||||
| CVE-2008-4956 | 1 Firewallbuilder | 1 Fwbuilder | 2009-07-20 | 6.9 MEDIUM | N/A |
| fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file. | |||||
| CVE-2008-4955 | 1 Duncan Webb | 1 Freevo | 2009-07-20 | 6.2 MEDIUM | N/A |
| freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code. | |||||
| CVE-2008-4950 | 1 Debian | 1 Dpkg-cross | 2009-07-20 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot." | |||||
| CVE-2008-5378 | 1 Lehrstuhl Fur Mikrobiologie | 1 Arb | 2009-07-15 | 6.9 MEDIUM | N/A |
| arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file. | |||||
| CVE-2009-1753 | 1 Emn | 1 Coccinelle | 2009-06-23 | 3.3 LOW | N/A |
| Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file." | |||||
| CVE-2008-5704 | 1 Gpsdrive | 1 Gpsdrive | 2009-05-20 | 7.6 HIGH | N/A |
| src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380. | |||||
| CVE-2009-1253 | 1 James Stone | 1 Tunapie | 2009-04-16 | 4.4 MEDIUM | N/A |
| James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file. | |||||
| CVE-2008-5368 | 1 Lukas Ruf | 1 Muttprint | 2009-03-26 | 6.9 MEDIUM | N/A |
| muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. | |||||
| CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2009-02-20 | 6.9 MEDIUM | N/A |
| The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | |||||
| CVE-2008-5155 | 1 Smsclient | 1 Smsclient | 2009-02-17 | 9.3 HIGH | N/A |
| mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file. | |||||
| CVE-2008-5137 | 1 Tkman | 1 Tkman | 2009-02-17 | 6.9 MEDIUM | N/A |
| tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file. | |||||
| CVE-2008-5139 | 1 Javier Fernandez | 1 Jailer | 2009-02-17 | 6.9 MEDIUM | N/A |
| updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file. | |||||
| CVE-2008-5136 | 1 Ldrolez | 1 Tkusr | 2009-02-17 | 6.9 MEDIUM | N/A |
| tkusr in tkusr 0.82 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/tkusr.pgm temporary file. | |||||
| CVE-2008-5149 | 1 Aucko | 1 Libncbi6 | 2009-02-17 | 6.9 MEDIUM | N/A |
| fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | |||||
| CVE-2008-5144 | 1 Federico Di Gregorio | 1 Nvidia-cg-toolkit | 2009-02-17 | 6.9 MEDIUM | N/A |
| nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | |||||
| CVE-2008-4474 | 1 Freeradius | 1 Freeradius | 2009-02-06 | 7.2 HIGH | N/A |
| freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct. | |||||
| CVE-2008-5366 | 1 Marco D\'itri | 1 Ppp | 2009-01-23 | 6.9 MEDIUM | N/A |
| The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file. | |||||
| CVE-2008-5370 | 1 Pvpgn | 1 Pvpgn | 2008-12-16 | 6.9 MEDIUM | N/A |
| pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file. | |||||
| CVE-2008-5367 | 1 Marco D\'itri | 1 Ppp-udeb | 2008-12-09 | 6.9 MEDIUM | N/A |
| ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file. | |||||
| CVE-2008-5379 | 1 Oliver Gorwits | 1 Netdisco Mibs Installer | 2008-12-09 | 6.9 MEDIUM | N/A |
| netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the (1) netdisco-mibs-install and (2) netdisco-mibs-download scripts. | |||||
| CVE-2008-5376 | 1 Crip | 1 Crip | 2008-12-09 | 6.9 MEDIUM | N/A |
| editcomment in crip 3.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.tag.tmp temporary file. | |||||
| CVE-2008-5372 | 1 Jonas Smedegaard | 1 Sdm-terminal | 2008-12-09 | 6.9 MEDIUM | N/A |
| sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sdm.autologin.once temporary file. | |||||