CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12401 CVE-2008-4998 59 2008-11-07 2008-11-10
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid."
12402 CVE-2008-4997 59 2008-11-07 2008-11-10
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage."
12403 CVE-2008-4996 59 2008-11-07 2008-11-10
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable."
12404 CVE-2008-4995 59 2008-11-07 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default.
12405 CVE-2008-4994 59 2008-11-07 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file.
12406 CVE-2008-4993 59 2008-11-07 2017-09-28
6.9
None Local Medium Not required Complete Complete Complete
qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file.
12407 CVE-2008-4990 59 2009-02-02 2018-10-11
6.9
Admin Local Medium Not required Complete Complete Complete
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.
12408 CVE-2008-4988 59 2008-11-06 2008-11-06
6.9
None Local Medium Not required Complete Complete Complete
pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file.
12409 CVE-2008-4987 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts.
12410 CVE-2008-4986 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts.
12411 CVE-2008-4985 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file.
12412 CVE-2008-4984 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.
12413 CVE-2008-4983 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/*.#####, (e) /tmp/*.#####.res, (f) /tmp/*.#####.err, and (g) /tmp/*.#####.diff temporary files, related to the (1) scilink, (2) scidoc, and (3) scidem scripts.
12414 CVE-2008-4982 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270.
12415 CVE-2008-4981 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file.
12416 CVE-2008-4980 59 2008-11-06 2009-09-15
6.9
None Local Medium Not required Complete Complete Complete
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file.
12417 CVE-2008-4979 59 2008-11-06 2009-09-15
6.9
None Local Medium Not required Complete Complete Complete
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files.
12418 CVE-2008-4978 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts.
12419 CVE-2008-4977 59 2008-11-06 2008-11-06
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it."
12420 CVE-2008-4976 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mpeg_ps.#####, (f) /tmp/ogle_mpeg_vs.#####, (g) /tmp/ogle_nav.#####, and (h) /tmp/ogle_vout.#####, temporary files, related to the (1) ogle_audio_debug, (2) ogle_cli_debug, (3) ogle_ctrl_debug, (4) ogle_gui_debug, (5) ogle_mpeg_ps_debug, (6) ogle_mpeg_vs_debug, (7) ogle_nav_debug, and (8) ogle_vout_debug scripts.
12421 CVE-2008-4975 59 2008-11-06 2009-09-15
6.9
None Local Medium Not required Complete Complete Complete
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
12422 CVE-2008-4974 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*.xml and (2) /tmp/*.backup temporary files.
12423 CVE-2008-4973 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files.
12424 CVE-2008-4972 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file.
12425 CVE-2008-4971 59 2008-11-06 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files.
12426 CVE-2008-4970 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file.
12427 CVE-2008-4969 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.
12428 CVE-2008-4968 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.
12429 CVE-2008-4967 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts.
12430 CVE-2008-4966 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts.
12431 CVE-2008-4965 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files.
12432 CVE-2008-4964 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.
12433 CVE-2008-4960 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files.
12434 CVE-2008-4959 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files.
12435 CVE-2008-4958 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.
12436 CVE-2008-4957 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
12437 CVE-2008-4956 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.
12438 CVE-2008-4955 59 2008-11-05 2009-07-20
6.2
None Local High Not required Complete Complete Complete
freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code.
12439 CVE-2008-4954 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file.
12440 CVE-2008-4953 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks."
12441 CVE-2008-4952 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.
12442 CVE-2008-4951 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.
12443 CVE-2008-4950 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot."
12444 CVE-2008-4949 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts.
12445 CVE-2008-4948 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
12446 CVE-2008-4947 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
12447 CVE-2008-4946 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/.
12448 CVE-2008-4945 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory.
12449 CVE-2008-4944 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.
12450 CVE-2008-4943 59 2008-11-05 2009-07-21
6.9
Admin Local Medium Not required Complete Complete Complete
bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.