16 matches found
openSUSE Security Update : jhead (jhead-399)
This update of jhead fixes several security problems : - CVE-2008-4575: buffer overflow in DoCommand - CVE-2008-4639: local symlink attack - CVE-2008-4640: DoCommand allowed deletion of arbitrary files - CVE-2008-4641: execution of arbitrary shell commands in DoCommand %NASLMINLEVEL 70300 C Tenab...
Mandriva Linux Security Advisory : jhead (MDVSA-2009:041)
Security vulnerabilities have been identified and fixed in jhead. Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service crash CVE-2008-4575. Jhead before 2.84 allows local users to overwrite arbitrary files via a symlin...
Fedora 10 : jhead-2.86-1.fc10 (2009-1824)
fixes 'CVE-2008-4640 jhead: arbitrary file deletion' 468056 fixes 'CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes' 468057 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Fedora Core 10 FEDORA-2009-1824 (jhead)
The remote host is missing an update to jhead announced via advisory FEDORA-2009-1824. OpenVAS Vulnerability Test $Id: fcore20091824.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1824 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora Core 9 FEDORA-2009-1776 (jhead)
The remote host is missing an update to jhead announced via advisory FEDORA-2009-1776. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 9 FEDORA-2009-1776 (jhead)
The remote host is missing an update to jhead announced via advisory FEDORA-2009-1776. OpenVAS Vulnerability Test $Id: fcore20091776.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1776 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Fedora 9 : jhead-2.86-1.fc9 (2009-1776)
fixes 'CVE-2008-4640 jhead: arbitrary file deletion' 468056 fixes 'CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes' 468057 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Mandrake Security Advisory MDVSA-2009:041 (jhead)
The remote host is missing an update to jhead announced via advisory MDVSA-2009:041. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:041 (jhead)
The remote host is missing an update to jhead announced via advisory MDVSA-2009:041. OpenVAS Vulnerability Test $Id: mdksa2009041.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:041 jhead Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3)
The remote host is missing updates announced in advisory SUSE-SR:2009:001. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...
openSUSE 10 Security Update : jhead (jhead-5899)
This update of jhead fixes several security problems : - CVE-2008-4575: buffer overflow in DoCommand - CVE-2008-4639: local symlink attack - CVE-2008-4640: DoCommand allowed deletion of arbitrary files - CVE-2008-4641: execution of arbitrary shell commands in DoCommand %NASLMINLEVEL 70300 C Tenab...
CVE-2008-4640
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which 1 a final "z" character is replaced by a "t" character or 2 a final "t" character is replaced by a "z" character...
CVE-2008-4640
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which 1 a final "z" character is replaced by a "t" character or 2 a final "t" character is replaced by a "z" character...
CVE-2008-4640
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which 1 a final "z" character is replaced by a "t" character or 2 a final "t" character is replaced by a "z" character...
CVE-2008-4640
The CVE-2008-4640 issue affects jhead up to version 2.84, where DoCommand() could delete arbitrary files when the input filename is manipulated (replacing a trailing z with t or vice versa). Several advisories (openSUSE/SUSE jhead-399, Fedora 2009-1824/1776, Mandriva MDVSA-2009:041) confirm the v...
CVE-2008-4640
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which 1 a final "z" character is replaced by a "t" character or 2 a final "t" character is replaced by a "z" character...