Category Archives: My CVE’s

CVE-2005-1759 shtool Reused Temp Files Symlink Arbitrary File Overwrite

Timeline :

Vulnerability discovered by Eric Romang the 2005-05-25
Vendor notified the 2005-05-25
Vulnerability disclosure the 2005-05-25

Reference(s) :

CVE-2005-1759
OSVDB-17289
GLSA 200506-08

Affected version(s) :

shtool before or equal to 2.0.1

Description :

shtool contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to the script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

CVE-2005-1751 shtool Symlink Arbitrary File Manipulation

Timeline :

Vulnerability discovered by Eric Romang the 2005-05-25
Vendor notified the 2005-05-25
Vulnerability disclosure the 2005-05-25

Reference(s) :

CVE-2005-1751
OSVDB-16848
GLSA 200506-08

Affected version(s) :

shtool before or equal to 2.0.1

Description :

shtool contains a flaw that may allow a malicious local user to overwrite or create arbitrary files on the system. The issue is due to the script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

CVE-2005-1740 Net-SNMP fixproc Temporary File Local Privilege Escalation

Timeline :

Vulnerability discovered by Eric Romang the 2005-05-07
Vendor notified the 2005-05-17
Vulnerability disclosure the 2005-05-23

Reference(s) :

CVE-2005-1740
OSVDB-16778
GLSA 200506-08

Affected version(s) :

net-snmp before or equal to 5.2.1

Description :

fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.

CVE-2005-1707 Gentoo webapp-config Temporary File Privilege Escalation

Timeline :

Vulnerability discovered by Eric Romang the 2005-05-07
Vendor notified the 2005-05-07
Coordinated vulnerability disclosure the 2005-05-22

Reference(s) :

CVE-2005-1707
OSVDB-16746

Affected version(s) :

webapp-config before or equal to 1.10-r14

Description :

The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.