Total
1276 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0517 | 1 Mgetty Project | 1 Mgetty | 2024-11-20 | 5.5 Medium |
| faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files. | ||||
| CVE-2002-2382 | 1 Cvsup | 1 Cvsup | 2024-11-20 | N/A |
| cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | ||||
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2024-11-20 | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | ||||
| CVE-2002-2323 | 1 Sun | 1 Solaris Pc Netlink | 2024-11-20 | 7.5 High |
| Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. | ||||
| CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2024-11-20 | N/A |
| BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | ||||
| CVE-2002-0793 | 1 Blackberry | 1 Qnx Neutrino Real-time Operating System | 2024-11-20 | 5.5 Medium |
| Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility. | ||||
| CVE-2002-0725 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-11-20 | 5.5 Medium |
| NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file. | ||||
| CVE-2001-1593 | 1 Gnu | 1 A2ps | 2024-11-20 | N/A |
| The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2001-1494 | 3 Avaya, Kernel, Redhat | 8 Cvlan, Integrated Management Suit, Interactive Response and 5 more | 2024-11-20 | 5.5 Medium |
| script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | ||||
| CVE-2001-1386 | 1 Texasimperialsoftware | 1 Wftpd | 2024-11-20 | 7.5 High |
| WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | ||||
| CVE-2001-1378 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2024-11-20 | N/A |
| fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | ||||
| CVE-2001-1043 | 1 Argosoft | 1 Ftp Server | 2024-11-20 | 7.5 High |
| ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | ||||
| CVE-2001-1042 | 1 Transsoft | 1 Broker Ftp Server | 2024-11-20 | 7.5 High |
| Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | ||||
| CVE-2001-0131 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-11-20 | 2.9 Low |
| htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2000-1178 | 1 Joseph Allen | 1 Joe | 2024-11-20 | 5.5 Medium |
| Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | ||||
| CVE-2000-0972 | 1 Hp | 1 Hp-ux | 2024-11-20 | 5.5 Medium |
| HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | ||||
| CVE-2000-0715 | 3 Conectiva, Kirk Bauer, Redhat | 3 Linux, Diskcheck, Powertools | 2024-11-20 | N/A |
| DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2000-0342 | 1 Qualcomm | 1 Eudora | 2024-11-20 | 7.5 High |
| Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | ||||
| CVE-1999-1593 | 1 Microsoft | 3 Windows 2000, Windows 95, Windows 98 | 2024-11-20 | N/A |
| Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable. | ||||
| CVE-1999-1386 | 1 Perl | 1 Perl | 2024-11-20 | 5.5 Medium |
| Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. | ||||