CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
13401 CVE-2008-4994 59 2008-11-07 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file.
13402 CVE-2008-4993 59 2008-11-07 2017-09-28
6.9
None Local Medium Not required Complete Complete Complete
qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file.
13403 CVE-2008-4990 59 2009-02-02 2018-10-11
6.9
Admin Local Medium Not required Complete Complete Complete
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.
13404 CVE-2008-4988 59 2008-11-06 2008-11-06
6.9
None Local Medium Not required Complete Complete Complete
pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file.
13405 CVE-2008-4987 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts.
13406 CVE-2008-4986 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts.
13407 CVE-2008-4985 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file.
13408 CVE-2008-4984 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts.
13409 CVE-2008-4983 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/*.#####, (e) /tmp/*.#####.res, (f) /tmp/*.#####.err, and (g) /tmp/*.#####.diff temporary files, related to the (1) scilink, (2) scidoc, and (3) scidem scripts.
13410 CVE-2008-4982 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270.
13411 CVE-2008-4981 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file.
13412 CVE-2008-4980 59 2008-11-06 2009-09-15
6.9
None Local Medium Not required Complete Complete Complete
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file.
13413 CVE-2008-4979 59 2008-11-06 2009-09-15
6.9
None Local Medium Not required Complete Complete Complete
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files.
13414 CVE-2008-4978 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts.
13415 CVE-2008-4977 59 2008-11-06 2008-11-06
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it."
13416 CVE-2008-4976 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mpeg_ps.#####, (f) /tmp/ogle_mpeg_vs.#####, (g) /tmp/ogle_nav.#####, and (h) /tmp/ogle_vout.#####, temporary files, related to the (1) ogle_audio_debug, (2) ogle_cli_debug, (3) ogle_ctrl_debug, (4) ogle_gui_debug, (5) ogle_mpeg_ps_debug, (6) ogle_mpeg_vs_debug, (7) ogle_nav_debug, and (8) ogle_vout_debug scripts.
13417 CVE-2008-4975 59 2008-11-06 2009-09-15
6.9
None Local Medium Not required Complete Complete Complete
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mmp##### temporary file.
13418 CVE-2008-4974 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*.xml and (2) /tmp/*.backup temporary files.
13419 CVE-2008-4973 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/i2my#####.1 and (2) /tmp/i2my#####.2 temporary files.
13420 CVE-2008-4972 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
mailgo in mgt 2.31 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mailgo##### temporary file.
13421 CVE-2008-4971 59 2008-11-06 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files.
13422 CVE-2008-4970 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file.
13423 CVE-2008-4969 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.
13424 CVE-2008-4968 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.
13425 CVE-2008-4967 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts.
13426 CVE-2008-4966 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) maytest scripts.
13427 CVE-2008-4965 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files.
13428 CVE-2008-4964 59 2008-11-06 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
filters/any-UTF8 in konwert 1.8 allows local users to delete arbitrary files via a symlink attack on a /tmp/any-##### temporary file.
13429 CVE-2008-4960 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-tmp.ps and (2) /tmp/bboxx-* temporary files.
13430 CVE-2008-4959 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files.
13431 CVE-2008-4958 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
gdrae in gdrae 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gdrae/palabra temporary file.
13432 CVE-2008-4957 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
13433 CVE-2008-4956 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file.
13434 CVE-2008-4955 59 2008-11-05 2009-07-20
6.2
None Local High Not required Complete Complete Complete
freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code.
13435 CVE-2008-4954 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file.
13436 CVE-2008-4953 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks."
13437 CVE-2008-4952 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.
13438 CVE-2008-4951 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/awstats.log, (b) /tmp/spam.log.#####, and (c) /tmp/spam_err.log temporary files, related to the (1) accesslog.php and (2) sa-wrapper scripts.
13439 CVE-2008-4950 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a symlink attack on the tmp/gccross2.log temporary file. NOTE: the vendor disputes this vulnerability, stating that "There is no sense in this bug - the script ... is called under specific cross-building environments within a chroot."
13440 CVE-2008-4949 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
dist 3.5 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/cil#####, (b) /tmp/pdo#####, and (c) /tmp/pdn##### temporary files, related to the (1) patcil and (2) patdiff scripts.
13441 CVE-2008-4948 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
fest.pl in digitaldj 0.7.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ddj_fest.tmp temporary file.
13442 CVE-2008-4947 59 2008-11-05 2009-08-26
6.9
None Local Medium Not required Complete Complete Complete
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
13443 CVE-2008-4946 59 2008-11-05 2009-07-20
6.9
None Local Medium Not required Complete Complete Complete
convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh, (3) Fedora_PV_Install/provision.sh, (4) CentOS_PV_Install/provision.sh, (5) common/provision.sh, (6) example/provision.sh, and (7) Windows_CD_Install/provision.sh scripts in image_store/.
13444 CVE-2008-4945 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
amlabel-cdrw in cdrw-taper 0.4 might allow local users to overwrite arbitrary files via a symlink attack involving a /tmp/amlabel-cdrw.##### temporary directory.
13445 CVE-2008-4944 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink attack on /tmp/v-recorder*-out temporary files.
13446 CVE-2008-4943 59 2008-11-05 2009-07-21
6.9
Admin Local Medium Not required Complete Complete Complete
bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts.
13447 CVE-2008-4942 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.
13448 CVE-2008-4941 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/arb_fdnaml_*, (b) /tmp/arb_pids_*, (c) /tmp/arbdsmz.html, and (d) /tmp/arbdsmz.htm temporary files, related to the (1) arb_fastdnaml and (2) dszmconnect.pl scripts.
13449 CVE-2008-4940 59 2008-11-05 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/aptoncd temporary file.
13450 CVE-2008-4939 59 2008-11-05 2017-08-07
6.9
Admin Local Medium Not required Complete Complete Complete
apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#####.lex.cc, (b) /tmp/#####.deformat.l, (c) /tmp/#####.reformat.l, (d) /tmp/#####docxorig, (e) /tmp/#####docxsalida.zip, (f) /tmp/#####xlsxembed, (g) /tmp/#####xlsxorig, and (h) /tmp/#####xslxsalida.zip temporary files, related to the (1) apertium-gen-deformat, (2) apertium-gen-reformat, and (3) apertium scripts.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.