197 matches found
openSUSE Security Update : valgrind (valgrind-321)
valgrind reads a file .valgrindrc in the current directory. Therefore local users could place such a file a world-writable directory such as /tmp and influence other users' valgrind when it's executed there CVE-2008-4865. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
Mandriva Linux Security Advisory : valgrind (MDVSA-2009:057)
A vulnerability has been identified and corrected in valgrind : Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command option...
Mandrake Security Advisory MDVSA-2009:057 (valgrind)
The remote host is missing an update to valgrind announced via advisory MDVSA-2009:057. OpenVAS Vulnerability Test $Id: mdksa2009057.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:057 valgrind Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...
Mandrake Security Advisory MDVSA-2009:057 (valgrind)
The remote host is missing an update to valgrind announced via advisory MDVSA-2009:057. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Gentoo Security Advisory GLSA 200902-03 (valgrind)
The remote host is missing updates announced in advisory GLSA 200902-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-200902-03 : Valgrind: Untrusted search path
The remote host is affected by the vulnerability described in GLSA-200902-03 Valgrind: Untrusted search path Tavis Ormandy reported that Valgrind loads a .valgrindrc file in the current working directory, executing commands specified there. Impact : A local attacker could prepare a specially...
Gentoo Security Advisory GLSA 200902-03 (valgrind)
The remote host is missing updates announced in advisory GLSA 200902-03. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
openSUSE 10 Security Update : valgrind (valgrind-5809)
valgrind reads a file .valgrindrc in the current directory. Therefore local users could place such a file a world-writable directory such as /tmp and influence other users' valgrind when it's executed there CVE-2008-4865. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...
DEBIAN-CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
Design/Logic Flaw
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
CVE-2008-4865
CVE-2008-4865 concerns Valgrind prior to version 3.4.0. The vulnerability is an untrusted search path issue: a Trojan horse named ".valgrindrc" in the current working directory can be read by Valgrind, allowing a local user to influence execution (e.g., via a malicious --db-command). The availabl...
CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
CVE-2008-4865
Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...
Xinetd 2.3.10 Memory Leaks
BACKGROUND ----------- Xinetd is a popular inetd replacement. Shortly after the 2.3.9 release in September 2002, it was realized that xinetd was leaking file descriptors. That problem turned out to be that file descriptors were not always being closed whenever a connection was rejected. 2.3.10 wa...