Mandrake Linux Security Advisory : playmidi (MDKSA-2005:010)
Erik Sjolund discovered a buffer overflow in playmidi that could be exploited by a local attacker if installed setuid root. Note that by default Mandrakelinux does not ship playmidi installed setuid root.
IBM DB2 db2fmp buffer overflow (#NISR05012005A)
NGSSoftware Insight Security Research Advisory Name: IBM DB2 db2fmp buffer overflow Systems Affected: DB2 8.1/7.x Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Date of...
Mandrake Linux Security Advisory : logcheck (MDKSA-2004:155)
A vulnerability was discovered in the logcheck program by Christian Jaeger. This could potentially lead to a local attacker overwriting files with root privileges. The updated packages have been patched to prevent the problem.
Linux Kernel 2.4.28/2.6.9 - Memory Leak Local Denial of Service
Linux Kernel 2.4.282.6.9 - Memory Leak Local Denial of Service / memory leak Copyright Georgi Guninski Cannot be used in vulnerability databases like securityfocus and mitre / include include include include include include include include include include int mainint ac,char av struct msghdr...
[Full-Disclosure] Password Disclosure for SMB Shares in KDE's Konqueror
Date: Nov. 29, 2004 Author: Daniel Fabian Product: KDE, Konqueror Vendor: KDE e. V...
[SECURITY] [DSA 575-1] New catdoc packages fix temporary file vulnerability
Debian Security Advisory DSA 575-1 [email protected] http://www.debian.org/security/ Martin Schulze October 28th, 2004 http://www.debian.org/security/faq ...
[SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability
Debian Security Advisory DSA 577-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2004 http://www.debian.org/security/faq ...
Debian DSA-335-1 : mantis - incorrect permissions
mantis, a PHP/MySQL web-based bug tracking system, stores the password used to access its database in a configuration file which is world-readable. This could allow a local attacker to read the password and gain read/write access to the database.
Debian DSA-279-1 : metrics - insecure temporary file creation
Paul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tool for software metrics. Two scripts in this package, 'halstead' and 'gatherstats', open temporary files without taking appropriate security precautions. 'halstead' is installed as a user program, while 'gatherstats' i...
Debian DSA-334-1 : xgalaga - buffer overflows
Steve Kemp discovered several buffer overflows in xgalaga, a game, which can be triggered by a long HOME environment variable. This vulnerability could be exploited by a local attacker to gain gid 'games'.
Debian DSA-428-1 : slocate - buffer overflow
A vulnerability was discovered in slocate, a program to index and search for files, whereby a specially crafted database could overflow a heap-based buffer. This vulnerability could be exploited by a local attacker to gain the privileges of the 'slocate' group, which can access the global databas...
Debian DSA-327-1 : xbl - buffer overflows
Steve Kemp discovered several buffer overflows in xbl, a game, which can be triggered by long command line arguments. This vulnerability could be exploited by a local attacker to gain gid 'games'.
Debian DSA-217-1 : typespeed - buffer overflow
A problem has been discovered in typespeed, a game that lets you measure your typematic speed. By overflowing a buffer a local attacker could execute arbitrary commands under the group id games.
Debian DSA-359-1 : atari800 - buffer overflows
Steve Kemp discovered multiple buffer overflows in atari800, an Atari emulator. In order to directly access graphics hardware, one of the affected programs is setuid root. A local attacker could exploit this vulnerability to gain root privileges.
ZoneAlarm Pro Configuration File/Directory Permission Weakness DoS
This host is running a version of ZoneAlarm Pro that contains a flaw which may allow a local denial of service. To exploit this flaw, an attacker would need to tamper with the files located in %windir%/Internet Logs. An attacker may modify them and prevent ZoneAlarm from starting up properly. C...
Fedora Core 1 : kdebase-3.1.4-7 (2004-292)
Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities...
CVE-2004-0115
VirtualPCServices in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServicesLog temporary file...
CVE-2002-1476
The CVE-2002-1476 entry describes a buffer overflow in the libc setlocale implementation on NetBSD 1.4.x–1.6 (and possibly other OSes) when LC_ALL is used with a locale string that contains more than 6 elements. This enables a local attacker to potentially execute arbitrary code via the compromis...
CVE-2002-1284
Technical details, affected versions, and exact impact are not publicly provided in the available documents. Monitor for updates from official advisories to obtain concrete information.
CVE-2002-1412
Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERYBASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script...