CVE-2013-1444

A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222...

DEBIAN-CVE-2013-1444

A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222...

CVE-2013-1444

A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222...

Mandrake Linux Security Advisory : sysklogd (MDKSA-2000:050-1)

A problem exists with the kernel logging daemon klogd in the sysklogd package. A 'format bug' makes klogd vulnerable to local root compromise, as well as the possibility for remote vulnerabilities under certain circumstances, which are unprobable. There is also a more probable semi-remote exploit...

Memcached Multiple Buffer Overflow Vulnerabilities

The host is running Memcached and is prone to multiple Buffer Overflow vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmemcachedmultbofvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Memcached Multiple Buffer Overflow Vulnerabilities Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

CVE-2008-5843

Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in 1 the current working directory or 2 /var/tmp, related to the a pdf90, b pdfjoin, and c pdfnup scripts...

Security fix for the ALT Linux 6 package freeradius version 2.1.3-1

Dec. 4, 2008 John Dennis &[email protected] - 2.1.3-1 - upgrade to latest upstream release, upstream summary follows: The focus of this release is stability. Feature Improvements: Allow running with "user=radiusd" and binding to secure sockets. Start sending Status-Server "are you alive"...

CVE-2008-4406

A certain Debian patch to the run scripts for sabre aka xsabre 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files...

CVE-2008-4109

A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service connection sl...

CVE-2008-4109

A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service connection sl...

TCL/TK Tk工具包ReadImage()函数GIF文件解析栈溢出漏洞

BUGTRAQ ID: 27655 CVECAN ID: CVE-2008-0553 Tcl是一种简明，高效，可移植的编程语言。 在Tcl的Tk工具包中，tkImgGIF.c文件的ReadImage函数没有正确地验证从GIF图形中所读取的initialCodeSize值。如果用户受骗打开了恶意的GIF图形文件的话，就可能触发栈溢出，导致执行任意指令。 John Ousterhout Tcl 8.5.1 厂商补丁： Debian ------ Debian已经为此发布了一个安全公告（DSA-1491-1）以及相应补丁: DSA-1491-1：New tk8.4 packages fix...

Fedora 7 : perl-Tk-804.028-3.fc7 (2008-1384)

Tue Feb 5 2008 Andreas Bierfert - 804.028-3 - fix 431529 gif overflow in tk see also 431518 - Fri Jan 4 2008 Andreas Bierfert - 804.028-2 - add relevant parts of debian patch - add patch for 235666 - Wed Jan 2 2008 Andreas Bierfert - 804.028-1 - version upgrade - fix 210718 SIGSEGV on exit from...

Fedora 8 : perl-Tk-804.028-3.fc8 (2008-1323)

Tue Feb 5 2008 Andreas Bierfert - 804.028-3 - fix 431529 gif overflow in tk see also 431518 - Fri Jan 4 2008 Andreas Bierfert - 804.028-2 - add relevant parts of debian patch - add patch for 235666 - Wed Jan 2 2008 Andreas Bierfert - 804.028-1 - version upgrade - fix 210718 SIGSEGV on exit from...

DEBIAN-CVE-2007-2446

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving 1 DFSEnum netdfsiodfsEnumInfod, 2 RFNPCNEX smbionotifyoptiontypedata, 3 LsarAddPrivilegesToAccount...

PT-2006-1007 · Debian +2 · Debian +2

Name of the Vulnerable Software and Affected Versions: Debian GNU/Linux kernel-patch-openvz affected versions not specified Linux kernel versions prior to 2.6.18 Description: The issue affects the Linux kernel and may lead to disruption of confidentiality, integrity, and availability of protected...

Debian DSA-150-1 : interchange - illegal file exposition

A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' internet domain socket. This...

BAZARR FAREWELL

/ traceroute local root advisory / / by: bazarr / / [email protected] / / bazarr episode / ------------------ PREFACE its me bazarr. i dont use ziplip anymore. resend any emails sent to bazarr@ziplip to [email protected] if i dident respond to them. this is a local root vulnerability in the...

[SECURITY] New version of tcpdump released

Package: tcpdump Vulnerability: remote exploit Debian-specific: no During internal source code auditing by FreeBSD several buffer overflows were found which allow an attacker to make tcpdump crash by sending carefully crafted packets to a network that is being monitored with tcpdump. This has bee...

remote_bof_cfingerd.txt

Subject: cfingerd 1.3.2 To: [email protected] Hi, there is a remote buffer over flow in cfingerd 1.3.2 in searchfake: int searchfakechar username char parsed80; bzeroparsed, 80; sscanfusername, "%^..%^\r\n\r\n", parsed; ... called from processusername, that is called from main: int mainint arg...