2626 matches found
python security, bug fix, and enhancement update
python: 2.6.6-20 Resolves: CVE-2010-3493 2.6.6-19 Resolves: CVE-2011-1015 2.6.6-18 Resolves: CVE-2011-1521 2.6.6-17 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-16 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-15 - fix race condition that sometimes breaks the build wi...
CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
DEBIAN-CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
Design/Logic Flaw
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
CVE-2011-1095
Summary of CVE-2011-1095 (glibc locale quoting issue) : The vulnerability affects locale/programs/locale.c in the GNU C Library (glibc/libc6) prior to version 2.13. The code does not properly quote its output, which might allow local users to gain privileges via a crafted localization environment...
CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
Design/Logic Flaw
The S/MIME feature in Open Ticket Request System OTRS before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available fo...
Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1
Ubuntu Update for Linux kernel vulnerabilities USN-1079-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10791.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
CVE-2010-4450
Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.229 and earlier for Solaris and Linux allows local standalone applications to affect...
CVE-2011-0902
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified 1 PATH or 2 LDLIBRARYPATH environment variable...
Path traversal
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified 1 PATH or 2 LDLIBRARYPATH environment variable...
CVE-2010-4604
Stack-based buffer overflow in the GeneratePassword function in dsmtca aka the Trusted Communications Agent or TCA in the backup-archive client in IBM Tivoli Storage Manager TSM 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows...
Stack overflow
Stack-based buffer overflow in the GeneratePassword function in dsmtca aka the Trusted Communications Agent or TCA in the backup-archive client in IBM Tivoli Storage Manager TSM 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows...
CVE-2010-4170
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...
DEBIAN-CVE-2010-4170
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...
CVE-2010-4170
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...
Design/Logic Flaw
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...
CVE-2010-4170
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...
CVE-2010-4170
CVE-2010-4170 affects SystemTap, where the staprun runtime does not properly sanitize the environment before invoking modprobe in version 1.3, enabling a local user to escalate privileges by setting MODPROBE_OPTIONS to point to a malicious configuration file. Public references document this issue...