21 matches found
Gentoo Security Advisory GLSA 201401-28
Gentoo Linux Local Security Checks GLSA 201401-28 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Tomboy: Privilege escalation
Background Tomboy is a desktop note-taking application. Description Tomboy places a zero-length directory name in the LDLIBRARYPATH, which might result in the current working directory . to be included when searching for dynamically linked libraries. NOTE: This vulnerability exists due to an...
Mandriva Update for tomboy MDVSA-2011:035 (tomboy)
Check for the Version of tomboy OpenVAS Vulnerability Test Mandriva Update for tomboy MDVSA-2011:035 tomboy Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Mandriva Linux Security Advisory : tomboy (MDVSA-2008:064)
A flaw in how tomboy handles LDLIBRARYPATH was discovered where by appending paths to LDLIBRARYPATH the program would also search the current directory for shared libraries. In directories containing network data, those libraries could be injected into the application. The updated packages have...
Ubuntu: Security Advisory (USN-560-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for blam FEDORA-2007-3792
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2007-3798
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2007-3962
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for tomboy FEDORA-2007-3253
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2008-6127
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2008-8399
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2008-9667
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2008-6491
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for blam FEDORA-2008-2682
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : tomboy vulnerability (USN-560-1)
Jan Oravec discovered that Tomboy did not properly setup the LDLIBRARYPATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubunt...
Fedora 7 : blam-1.8.3-9.fc7 (2007-3792)
This update resolves a low severity security issue where LDLIBRARYPATH could potentially get set to the current directory if it wasn't set before Blam was launched. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Fedora 8 : blam-1.8.3-11.fc8 (2007-3798)
This update resolves a low severity security issue where LDLIBRARYPATH could potentially get set to the current directory if it wasn't set before Blam was launched. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
openSUSE 10 Security Update : tomboy (tomboy-4698)
The tomboy mediaplayer used LDLIBRARYPATH unsafely by allowing empty LDLIBRARYPATH components. This would enable the player to load its shared libraries of the current directory which might contain user-supplied shared libraries, potentially supplied from the network by an attacker. CVE-2005-4790...
Fedora 8 : tomboy-0.8.1-3.fc8 (2007-3253)
This update resolves a low severity security issue where LDLIBRARYPATH could potentially get set to the current directory if it wasn't set before Tomboy was launched. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenab...
CVE-2005-4790
Concrete details from connected docs show CVE-2005-4790 is linked to Tomboy and GNOME Tomboy: the LD_LIBRARY_PATH is polluted with a zero-length directory name, causing the current working directory to be searched for libraries and enabling local privilege escalation. The issue is tied to an inco...