Search Results (7481 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5742 1 Netcat 1 Netcat 2025-04-09 N/A
Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure.
CVE-2008-6552 2 Fedoraproject, Redhat 7 Fedora, Cluster Project, Cman and 4 more 2025-04-09 N/A
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.
CVE-2009-2939 3 Debian, Postfix, Ubuntu 3 Debian Linux, Postfix, Ubuntu Linux 2025-04-09 N/A
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
CVE-2007-5207 1 Debian 1 Guilt 2025-04-09 N/A
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.
CVE-2007-3742 1 Apple 2 Iphone, Safari 2025-04-09 N/A
WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks.
CVE-2008-0167 2 Debian, Gforge 2 Debian Linux, Gforge 2025-04-09 N/A
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
CVE-2008-0806 1 Paul Pelzl 1 Wyrd 2025-04-09 N/A
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
CVE-2008-1199 2 Dovecot, Redhat 2 Dovecot, Enterprise Linux 2025-04-09 N/A
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
CVE-2008-3524 1 Redhat 2 Fedora, Initscripts 2025-04-09 N/A
rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.
CVE-2008-4406 1 Debian 1 Xsabre 2025-04-09 N/A
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.
CVE-2008-4940 1 Aptoncd 1 Aptoncd 2025-04-09 N/A
xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.
CVE-2008-5138 1 Bkleineidam 1 Libpam Mount 2025-04-09 N/A
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file.
CVE-2008-5148 1 Geda 1 Gnetlist 2025-04-09 N/A
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-5149 1 Aucko 1 Libncbi6 2025-04-09 N/A
fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
CVE-2008-5153 1 Moodle 1 Moodle 2025-04-09 N/A
spell-check-logic.cgi in Moodle 1.8.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/spell-check-debug.log, (2) /tmp/spell-check-before, or (3) /tmp/spell-check-after temporary file.
CVE-2008-5157 1 Uoregon 1 Tau 2025-04-09 N/A
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts.
CVE-2008-5366 1 Marco D\'itri 1 Ppp 2025-04-09 N/A
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.
CVE-2008-5374 2 Matthias Klose, Redhat 2 Bash-doc, Enterprise Linux 2025-04-09 N/A
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts.
CVE-2008-5379 1 Oliver Gorwits 1 Netdisco Mibs Installer 2025-04-09 N/A
netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the (1) netdisco-mibs-install and (2) netdisco-mibs-download scripts.
CVE-2008-5394 1 Debian 1 Shadow 2025-04-09 N/A
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.