CentOS 3 / 4 : bzip2 (CESA-2005:474)

Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4 have been created as the original erratum packages...

CVE-2006-0303

Technical details about CVE-2006-0303 are not publicly available in the provided documents; none of the connected records supply affected product/version, root cause, impact, or remediation. Monitor for updates.

CVE-2005-4599

The CVE-2005-4599 issue affects TinyMCE Compressor PHP prior to 1.06, with a Cross-site Scripting (XSS) vulnerability in tiny_mce_gzip.php exposed via the index parameter. The root cause is unvalidated input leading to script/HTML injection, allowing remote attackers to inject arbitrary web conte...

CVE-2005-4600

Directory traversal vulnerability in tinymcegzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte %00 in the 1 theme, 2 language, 3 plugins, or 4 lang parameter...

CVE-2005-4599

Cross-site scripting XSS vulnerability in tinymcegzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter...

CVE-2005-4600

Directory traversal vulnerability in tinymcegzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte %00 in the 1 theme, 2 language, 3 plugins, or 4 lang parameter...

CVE-2005-4600

CVE-2005-4600 describes a directory traversal vulnerability in TinyMCE Compressor PHP prior to 1.06. An attacker can cause the PHP script tiny_mce_gzip.php to read or include arbitrary files by supplying a trailing null byte (%00) in one of four parameters: theme, language, plugins, or lang. The ...

CVE-2005-4599

Cross-site scripting XSS vulnerability in tinymcegzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter...

CVE-2005-4600

Directory traversal vulnerability in tinymcegzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte %00 in the 1 theme, 2 language, 3 plugins, or 4 lang parameter...

Debian DSA-730-1 : bzip2 - race condition

Imran Ghory discovered a race condition in bzip2, a high-quality block-sorting file compressor and decompressor. When decompressing a file in a directory an attacker has access to, bunzip2 could be tricked to set the file permissions to a different file the user has permissions to. %NASLMINLEVEL...

bzip2 security update

CentOS Errata and Security Advisory CESA-2005:474 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Updated 13 February 2006 Replacement bzip2 packages for Red Hat Enterprise Linux 4...

DSA-730-1 bzip2 - race condition

Bulletin has no description...

man-db 2.4.1 open_cat_stream() Local uid=man Exploit

Exploit for linux platform in category local exploits ==================================================== man-db 2.4.1 opencatstream Local uid=man Exploit ==================================================== !/bin/bash xmandb.sh: shell command file. man-dbv2.4.1-: local uid=man exploit. by:...