CWE-59
Improper Link Resolution Before File Access ('Link Following')
BaseDraftLikelihood: Medium
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (624)
page 24 of 32| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-5143 | 0.00 | — | 0.00 | Nov 18, 2008 | mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file. | ||
| CVE-2008-5142 | 0.00 | — | 0.00 | Nov 18, 2008 | sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file. | ||
| CVE-2008-5141 | 0.00 | — | 0.00 | Nov 18, 2008 | flamethrower in flamethrower 0.1.8 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/multicast.tar.##### temporary file. | ||
| CVE-2008-5140 | 0.00 | — | 0.00 | Nov 18, 2008 | trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file. | ||
| CVE-2008-5139 | 0.00 | — | 0.00 | Nov 18, 2008 | updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file. | ||
| CVE-2008-5138 | 0.00 | — | 0.00 | Nov 18, 2008 | passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file. | ||
| CVE-2008-5137 | 0.00 | — | 0.00 | Nov 18, 2008 | tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file. | ||
| CVE-2008-5136 | 0.00 | — | 0.00 | Nov 18, 2008 | tkusr in tkusr 0.82 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/tkusr.pgm temporary file. | ||
| CVE-2008-5135 | 0.00 | — | 0.00 | Nov 18, 2008 | os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users. | ||
| CVE-2008-4832 | 0.00 | — | 0.00 | Nov 17, 2008 | rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time. | ||
| CVE-2008-5034 | 0.00 | — | 0.00 | Nov 10, 2008 | master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"' | ||
| CVE-2008-5007 | 0.00 | — | 0.00 | Nov 10, 2008 | create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | ||
| CVE-2008-4998 | 0.00 | — | 0.00 | Nov 7, 2008 | postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid. | ||
| CVE-2008-4997 | 0.00 | — | 0.00 | Nov 7, 2008 | dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage. | ||
| CVE-2008-4995 | 0.00 | — | 0.00 | Nov 7, 2008 | redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default. | ||
| CVE-2008-4994 | 0.00 | — | 0.00 | Nov 7, 2008 | The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. | ||
| CVE-2008-4993 | 0.00 | — | 0.00 | Nov 7, 2008 | qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file. | ||
| CVE-2008-4988 | 0.00 | — | 0.00 | Nov 6, 2008 | pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file. | ||
| CVE-2008-4987 | 0.00 | — | 0.00 | Nov 6, 2008 | xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts. | ||
| CVE-2008-4986 | 0.00 | — | 0.00 | Nov 6, 2008 | wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts. |