|
317431
|
7.1 |
HIGH
Local
|
microsoft
|
windows_nt
|
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock net…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2001-0006
|
2024-01-27 02:08 |
2001-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317432
|
4.7 |
MEDIUM
Local
|
gnu
debian
canonical
|
cpio
debian_linux
ubuntu_linux
|
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cp…
|
CWE-59
CWE-367
Link Following
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2005-1111
|
2024-01-27 02:07 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317433
|
5.5 |
MEDIUM
Local
|
gentoo
|
linux
portage
|
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
|
CWE-59
Link Following
|
CVE-2004-1901
|
2024-01-27 02:07 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317434
|
5.5 |
MEDIUM
Local
|
cpanel
|
cpanel
|
cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions …
|
CWE-59
Link Following
|
CVE-2004-1603
|
2024-01-27 02:06 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317435
|
7.1 |
HIGH
Local
|
kde
debian
|
kde
debian_linux
|
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
|
CWE-59
Link Following
|
CVE-2004-0689
|
2024-01-27 02:06 |
2004-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317436
|
5.5 |
MEDIUM
Local
|
ekg_project
debian
|
ekg
debian_linux
|
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
|
CWE-59
Link Following
|
CVE-2005-1916
|
2024-01-27 02:01 |
2005-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317437
|
5.5 |
MEDIUM
Local
|
lutel
|
lutelwall
|
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
|
CWE-59
Link Following
|
CVE-2005-1879
|
2024-01-27 02:01 |
2005-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317438
|
5.5 |
MEDIUM
Local
|
everybuddy
|
everybuddy
|
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
|
CWE-59
Link Following
|
CVE-2005-1880
|
2024-01-27 02:00 |
2005-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317439
|
5.5 |
MEDIUM
Local
|
mathopd
|
mathopd
|
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is running with the -n option, allows local users to overwrite arbitrary files via a symlink attack on dum…
|
CWE-59
Link Following
|
CVE-2005-0824
|
2024-01-27 02:00 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317440
|
5.5 |
MEDIUM
Local
|
joseph_allen
|
joe
|
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.
|
CWE-59
Link Following
|
CVE-2000-1178
|
2024-01-27 01:59 |
2001-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
