Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-08 | CVE-2008-5368 | Link Following vulnerability in Lukas RUF Muttprint 0.72D muttprint in muttprint 0.72d allows local users to overwrite arbitrary files via a symlink attack on the /tmp/muttprint.log temporary file. | 6.9 |
2008-12-08 | CVE-2008-5367 | Link Following vulnerability in Marco D'Itri Ppp-Udeb 2.4.4 ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file. | 6.9 |
2008-12-08 | CVE-2008-5366 | Link Following vulnerability in Marco D'Itri PPP 2.4.4 The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file. | 6.9 |
2008-12-03 | CVE-2008-5313 | Link Following vulnerability in Mailscanner mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file. | 6.9 |
2008-12-03 | CVE-2008-5312 | Link Following vulnerability in Mailscanner mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140. | 6.9 |
2008-12-01 | CVE-2008-5299 | Link Following vulnerability in Karakas-Online Chm2Pdf 0.9 chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories. | 6.9 |
2008-11-27 | CVE-2008-5256 | Link Following vulnerability in Virtualox The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file. | 4.4 |
2008-11-18 | CVE-2008-5157 | Link Following vulnerability in Uoregon TAU 2.16.4 tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts. | 6.9 |
2008-11-18 | CVE-2008-5156 | Link Following vulnerability in Dann Frazier Systemimager-Server 3.6.3 si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file. | 6.9 |
2008-11-18 | CVE-2008-5155 | Link Following vulnerability in Smsclient 2.0.8Z mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file. | 9.3 |