CWE:
 

Topic
Date
Author
High
MS13-097 Registry Symlink IE Sandbox Escape
27.06.2014
Juan vazquez
Med.
systemd create or overwrite arbitrary files
21.04.2014
Sebastian Krahmer
Med.
Solaris 10 Patch Cluster Symlink Attack
09.08.2012
Larry W. Cashdollar
Low
Medium severity flaw in QNX Neutrino RTOS
23.10.2011
Tim Brown
Low
Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS
01.09.2011
Timo Warns
Med.
FreeBSD crontab information leakage
07.03.2011
Dan Rosenberg
Med.
The GNU C library dynamic linker expands $ORIGIN in setuid library search path
11.01.2011
taviso
Low
emesene preditable 1.6.1 temporary filename
12.06.2010
Emilio Pozuelo Monfort
Low
Mathematica on Linux /tmp/MathLink vulnerability
27.05.2010
paul szabo
Med.
Solaris Update manager and Sun Patch Cluster - Symlink attack
01.04.2010
DHS
Med.
Deliver 2.1.14 Multiple vulnerabilities
30.03.2010
Dan Rosenberg
Med.
fcrontab 3.0.4 Information Disclosure Vulnerability
09.03.2010
Dan Rosenberg
Med.
Oscailt 3.3 CMS Local File Inclusion
02.01.2010
s4r4d0
Med.
VideoCache 1.9.2 vccleaner root vulnerability
30.12.2009
Dominick LaTrappe
Med.
MySQL - 5.1.41 Multiple Vulnerabalities
03.12.2009
Jan Lieskovsky
Med.
Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities
05.02.2009
Sam Johnston
Med.
ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities
31.12.2008
XiaShing_at_gmail.com
High
verlihub <= 0.9.8d-RC2 Remote Command Execution Vulnerability
23.12.2008
v4lkyrius
High
/bin/login gives root to group utmp
02.12.2008
Paul Szabo
High
python-2.3.4-5 Symbolic link attack possibility
19.09.2008
Jan iankko Lieskovsky
Med.
Nooms 1.1
11.09.2008
irancrash


CVEMAP Search Results

CVE
Details
Description
2018-03-22
Medium
CVE-2018-5225

Updating...
 

 
In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 before 5.5.8 (the fixed version for 5.5.x), 5.6.0 before 5.6.5 (the fixed version for 5.6.x), 5.7.0 before 5.7.3 (the fixed version for 5.7.x), and 5.8.0 before 5.8.2 (the fixed version for 5.8.x), allows authenticated users to gain remote code execution using the in browser editing feature via editing a symbolic link within a repository.

 
2018-03-19
Low
CVE-2018-1196

Vendor: Pivotal software
Software: Spring boot
 

 
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "run_user" to overwrite and take ownership of any file on the same system. In order to instigate the attack, the application must be installed as a service and the "run_user" requires shell access to the server. Spring Boot application that are not installed as a service, or are not using the embedded launch script are not susceptible.

 
2018-03-13
Medium
CVE-2017-1002101

Updating...
 

 
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.

 
2018-03-12
Medium
CVE-2017-2619

Vendor: Samba
Software: Samba
 

 
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

 
2018-03-02
Low
CVE-2018-1063

Vendor: Selinux project
Software: Selinux
 

 
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

 
Medium
CVE-2015-0796

Updating...
 

 
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service.

 
2018-03-01
Medium
CVE-2017-5188

Vendor: Opensuse
Software: Open build s...
 

 
The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.

 
2018-02-14
Low
CVE-2017-18188

Vendor: Openr
Software: Opentmpfiles
 

 
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.

 
2018-02-09
Low
CVE-2014-3219

Vendor: Fishshell
Software: FISH
 

 
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.

 
2018-01-19
Low
CVE-2017-15111

Updating...
 

 
keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top