Total
1026 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5007 | 1 Lazarus | 1 Lazarus | 2023-12-10 | 6.9 MEDIUM | N/A |
create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | |||||
CVE-2008-4935 | 1 Amiga | 1 Aview | 2023-12-10 | 6.9 MEDIUM | N/A |
asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file. | |||||
CVE-2008-4975 | 1 Debian | 1 Newsgate | 2023-12-10 | 6.9 MEDIUM | N/A |
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file. | |||||
CVE-2008-3928 | 1 Debian | 1 Honeyd Common | 2023-12-10 | 6.9 MEDIUM | N/A |
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2008-4970 | 1 Lustre | 1 Lustre-tests | 2023-12-10 | 6.9 MEDIUM | N/A |
runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file. | |||||
CVE-2008-4832 | 1 Rpath | 3 Appliance Platform Linux Service, Initscripts, Linux | 2023-12-10 | 6.9 MEDIUM | N/A |
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | |||||
CVE-2008-4980 | 1 Zak B Elep | 1 Rccp | 2023-12-10 | 6.9 MEDIUM | N/A |
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | |||||
CVE-2008-4959 | 1 Gpsdrive | 1 Gpsdrive-scripts | 2023-12-10 | 6.9 MEDIUM | N/A |
geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files. | |||||
CVE-2008-5380 | 1 Gpsdrive | 1 Gpsdrive | 2023-12-10 | 6.9 MEDIUM | N/A |
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959. | |||||
CVE-2008-4948 | 1 Nostatic | 1 Digitaldj | 2023-12-10 | 6.9 MEDIUM | N/A |
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file. | |||||
CVE-2008-4958 | 1 Alejandro Garrido Mota | 1 Gdrae | 2023-12-10 | 6.9 MEDIUM | N/A |
gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file. | |||||
CVE-2008-0167 | 2 Debian, Gforge | 2 Debian Linux, Gforge | 2023-12-10 | 4.6 MEDIUM | N/A |
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances. | |||||
CVE-2009-2939 | 3 Debian, Postfix, Ubuntu | 3 Debian Linux, Postfix, Ubuntu Linux | 2023-12-10 | 6.9 MEDIUM | N/A |
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files. | |||||
CVE-2008-5366 | 1 Marco D\'itri | 1 Ppp | 2023-12-10 | 6.9 MEDIUM | N/A |
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file. | |||||
CVE-2009-0416 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2023-12-10 | 6.9 MEDIUM | N/A |
The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | |||||
CVE-2008-4954 | 1 Fumitoshi Ukai | 1 Fml | 2023-12-10 | 6.9 MEDIUM | N/A |
mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file. | |||||
CVE-2008-4966 | 1 Openswan | 1 Linux-patch-openswan | 2023-12-10 | 6.9 MEDIUM | N/A |
linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts. | |||||
CVE-2008-1417 | 1 Axyl | 1 Axyl | 2023-12-10 | 6.9 MEDIUM | N/A |
The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file. | |||||
CVE-2008-5144 | 1 Federico Di Gregorio | 1 Nvidia-cg-toolkit | 2023-12-10 | 6.9 MEDIUM | N/A |
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file. | |||||
CVE-2008-2311 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.6 HIGH | N/A |
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file. |