52 matches found
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010943)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010943 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that...
EUVD-2003-0284
Malware in sbrugna...
EUVD-2005-0867
Malware in sbrugna...
EUVD-2000-0453
Malware in sbrugna...
EUVD-2004-0804
Malware in sbrugna...
SUSE CVE-2003-0289
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter...
CdRecord Version <= 2.0 - Mandrake local root exploit
No description provided by source. !/usr/bin/perl Cdrecord version 2.0 and local root exploit. wsxz@localhost buffer$ perl priv8cdr.pl 4 Using target number 4 Using Mr .dtors 0x808c82c Cdrecord 2.0 i586-mandrake-linux-gnu scsibus: -1 target: -1 lun: -1 Warning: Open by 'devname' is unintentional...
Mandriva Linux Mandrake 7.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1265/info The linux cdrecorder binary is vulnerable to a locally exploitable buffer overflow attack. When installed in a Mandrake 7.0 linux distribution, it is by default setgid cdburner which is a group, gid: 80, that is...
CDRTools CDRecord 1.11/2.0 Devname Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7565/info CDRecord has been reported prone to a format string vulnerability. The issue presents itself due to a programming error that occurs when calling a printf-like function. It has been reported that by harnessing an...
Mandrake Linux Security Advisory : cdrecord (MDKSA-2000:009)
The linux cdrecord binary is vulnerable to a locally exploitable buffer overflow attack. When installed on a Linux-Mandrake distribution, it is by default setgid 'cdburner' which is a group, gid: 80, that is created for the application. The overflow condition is the result of no bounds checking o...
Scientific Linux Security Update : pam on SL3.x i386/x86_64
A flaw was found in the way the Linux kernel handled certain SG_IO commands. Console users with access to certain device files had the ability to damage recordable CD drives. The way pam_console handled permissions of these files has been modified to disallow access. This change also required...
Mandriva Update for cdrecord MDKA-2007:093 (cdrecord)
Check for the Version of cdrecord OpenVAS Vulnerability Test Mandriva Update for cdrecord MDKA-2007:093 cdrecord Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Gentoo Security Advisory GLSA 200409-18 (cdrtools)
The remote host is missing updates announced in advisory GLSA 200409-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CentOS 3 : pam (CESA-2007:0465)
Updated pam packages that resolve several bugs and security flaws are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules (PAM) provide a system whereby administrators ca...
cdrecord $RSH exec() SUID Shell Creation
No description provided by source. !/bin/bash cdrecord-suidshell.sh - Iruid CAU 09.2004 Exploits cdrecord's exec of $RSH before dropping privs cat ./cpbinbash.c include include include main int argc, char argv int fd1, fd2; int count; char buffer1; / Set ID's / setuid geteuid ; setgid geteuid ; /...
Ubuntu 4.10 : cdrtools vulnerability (USN-100-1)
Javier Fernandez-Sanguino Pena noticed that cdrecord created temporary files in an insecure manner if DEBUG was enabled in /etc/cdrecord/rscsi. If the default value was used which stored the debug output file in /tmp, this could allow a symbolic link attack to create or overwrite arbitrary files...
Low: Red Hat Bug Fix Advisory: Updated cdrtools packages
Updated cdrtools packages that fix a possible exploit are now available for Red Hat Enterprise Linux 3. Cdrecord is an application for recording audio and data CDs. Cdrecord works with many different brands of CD recorders, fully supports multi-sessions, and provides human-readable error messages...
CVE-2005-0866
cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...
Mandrake Linux Security Advisory : cdrecord (MDKSA-2005:077)
Javier Fernandez-Sanguino Pena discovered that cdrecord created temporary files in an insecure manner if DEBUG was enabled in /etc/cdrecord/rscsi. If the default value was used which stored the debug output file in /tmp, a symbolic link attack could be used to create or overwrite arbitrary files...