CVE-2008-4994
https://notcve.org/view.php?id=CVE-2008-4994
The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. Los ficheros de comandos (1) ncsarmt y (2) ncsawrap en xmcd v2.6 permite a usuarios locales sobrescribir ficheros de su elección a través de un ataque de enlaces simbólicos al fichero temporal /tmp/Mosaic.*pid. • http://bugs.debian.org/496416 http://dev.gentoo.org/~rbu/security/debiantemp/xmcd http://www.openwall.com/lists/oss-security/2008/10/30/2 http://www.securityfocus.com/bid/32288 https://bugs.gentoo.org/show_bug.cgi?id=235770 https://exchange.xforce.ibmcloud.com/vulnerabilities/46550 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2001-1119
https://notcve.org/view.php?id=CVE-2001-1119
cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. • http://www.kb.cert.org/vuls/id/105347 http://www.novell.com/linux/security/advisories/2001_025_xmcd_txt.html http://www.securityfocus.com/bid/3148 https://exchange.xforce.ibmcloud.com/vulnerabilities/6941 •