CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-59

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-9525 59 +Priv 2017-06-09 2017-07-26
6.9
Admin Local Medium Not required Complete Complete Complete
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.
2 CVE-2017-7418 59 Bypass 2017-04-04 2017-04-11
2.1
None Local Low Not required None Partial None
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user.
3 CVE-2016-10374 59 2017-05-17 2017-05-31
2.1
None Local Low Not required None Partial None
perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink, as demonstrated by creating a perltidy.ERR symlink that the victim cannot delete.
4 CVE-2016-9774 59 +Priv +Info 2017-03-23 2017-03-31
7.2
None Local Low Not required Complete Complete Complete
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory.
5 CVE-2016-7619 59 2017-02-20 2017-07-26
2.1
None Local Low Not required None Partial None
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks.
6 CVE-2016-6664 59 +Priv 2016-12-13 2017-06-30
6.9
None Local Medium Not required Complete Complete Complete
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
7 CVE-2016-6253 59 2017-01-20 2017-01-20
7.2
None Local Low Not required Complete Complete Complete
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
8 CVE-2016-4679 59 2017-02-20 2017-07-28
4.3
None Remote Medium Not required None Partial None
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers to write to arbitrary files via a crafted archive containing a symlink.
9 CVE-2016-3108 59 2017-06-08 2017-06-14
3.6
None Local Low Not required Partial Partial None
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.
10 CVE-2016-1247 59 +Priv 2016-11-29 2017-02-23
7.2
Admin Local Low Not required Complete Complete Complete
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log.
11 CVE-2015-8860 59 2017-01-23 2017-01-24
5.0
None Remote Low Not required None Partial None
The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.
12 CVE-2015-8326 59 2017-06-07 2017-06-14
3.6
None Local Low Not required None Partial Partial
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.
13 CVE-2015-7758 59 2016-01-08 2016-12-05
2.1
None Local Low Not required None Partial None
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.
14 CVE-2015-7724 59 +Priv 2017-06-07 2017-06-14
7.2
None Local Low Not required Complete Complete Complete
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723.
15 CVE-2015-7723 59 +Priv 2017-06-07 2017-06-14
7.2
None Local Low Not required Complete Complete Complete
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack.
16 CVE-2015-6927 59 2015-09-28 2017-06-30
3.6
None Local Low Not required None Partial Partial
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the ploop container root.hdd file and then access a control panel.
17 CVE-2015-6566 59 +Priv 2016-01-11 2016-01-13
7.2
None Local Low Not required Complete Complete Complete
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
18 CVE-2015-6240 59 2017-06-07 2017-06-14
7.2
None Local Low Not required Complete Complete Complete
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
19 CVE-2015-5752 59 Bypass 2015-08-16 2016-12-23
5.0
None Remote Low Not required Partial None None
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink.
20 CVE-2015-5287 59 +Priv 2015-12-07 2016-12-07
6.9
None Local Medium Not required Complete Complete Complete
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
21 CVE-2015-5273 59 2015-12-07 2016-12-07
3.6
None Local Low Not required None Partial Partial
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.
22 CVE-2015-4156 59 2015-06-02 2016-12-07
3.6
None Local Low Not required None Partial Partial
GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows local users to write to arbitrary files via a symlink attack on a temporary file.
23 CVE-2015-4155 59 2015-06-02 2016-12-07
3.6
None Local Low Not required None Partial Partial
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) --compress, allows local users to write to arbitrary files via a symlink attack on a temporary file.
24 CVE-2015-3629 59 2015-05-18 2017-01-02
7.2
None Local Low Not required Complete Complete Complete
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
25 CVE-2015-3627 59 +Priv 2015-05-18 2017-01-02
7.2
None Local Low Not required Complete Complete Complete
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
26 CVE-2015-3436 59 2015-06-09 2016-12-05
6.6
None Local Low Not required None Complete Complete
provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock.
27 CVE-2015-3315 59 2017-06-26 2017-07-05
7.2
None Local Low Not required Complete Complete Complete
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
28 CVE-2015-3149 59 2017-07-25 2017-07-31
2.1
None Local Low Not required None Partial None
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
29 CVE-2015-1769 59 Exec Code 2015-08-14 2015-10-14
7.2
None Local Low Not required Complete Complete Complete
Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Mount Manager Elevation of Privilege Vulnerability."
30 CVE-2015-1377 59 2015-02-10 2015-02-11
4.9
None Local Low Not required Complete None None
The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink attack on an unspecified file.
31 CVE-2015-1338 59 DoS +Priv 2015-10-01 2015-10-02
7.2
None Local Low Not required Complete Complete Complete
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
32 CVE-2015-1335 59 2015-10-01 2016-12-07
7.2
None Local Low Not required Complete Complete Complete
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
33 CVE-2015-1331 59 2015-08-12 2016-11-28
4.9
None Local Low Not required None Complete None
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
34 CVE-2015-1196 59 2015-01-21 2016-10-20
4.3
None Remote Medium Not required None Partial None
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
35 CVE-2015-1194 59 2015-01-21 2015-01-23
4.3
None Remote Medium Not required None Partial None
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
36 CVE-2015-1038 59 2015-01-21 2016-12-30
5.8
None Remote Medium Not required None Partial Partial
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
37 CVE-2015-0858 59 2016-05-06 2016-05-09
2.1
None Local Low Not required None Partial None
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.
38 CVE-2015-0794 59 2015-11-19 2015-11-20
7.2
None Local Low Not required Complete Complete Complete
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.
39 CVE-2015-0556 59 Dir. Trav. 2015-04-08 2017-06-30
5.8
None Remote Medium Not required None Partial Partial
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
40 CVE-2014-9512 59 2015-02-12 2016-12-06
6.4
None Remote Low Not required None Partial Partial
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
41 CVE-2014-9508 59 2015-01-04 2016-11-28
4.3
None Remote Medium Not required None Partial None
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only contain anchors, allows remote attackers to change URLs to arbitrary domains for those links via unknown vectors.
42 CVE-2014-8585 59 Dir. Trav. 2014-11-04 2014-11-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php.
43 CVE-2014-7206 59 2014-10-15 2014-10-22
3.6
None Local Low Not required None Partial Partial
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
44 CVE-2014-6407 59 Exec Code 2014-12-12 2014-12-15
7.5
None Remote Low Not required Partial Partial Partial
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
45 CVE-2014-5459 59 2014-09-27 2016-10-25
3.6
None Local Low Not required None Partial Partial
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
46 CVE-2014-5260 59 2014-08-16 2014-09-08
6.3
None Local Medium Not required None Complete Complete
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.
47 CVE-2014-5045 59 DoS 2014-08-01 2017-01-06
6.2
None Local High Not required Complete Complete Complete
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.
48 CVE-2014-5030 59 2014-07-29 2017-01-06
1.9
None Local Medium Not required Partial None None
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
49 CVE-2014-5029 59 2014-07-29 2017-01-06
1.5
None Local Medium Single system Partial None None
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
50 CVE-2014-4703 59 +Info 2014-12-05 2016-11-28
2.1
None Local Low Not required Partial None None
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Total number of vulnerabilities : 436   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.