1661 matches found
CVE-2005-4418
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities...
[Full-disclosure] [SECURITY] [DSA 1013-1] New snmptrapfmt packages fix insecure temporary file
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1013-1 [email protected] http://www.debian.org/security/ Martin Schulze March 22nd, 2006 http://www.debian.org/security/faq -...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
Design/Logic Flaw
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
Code injection
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1320
CVE-2006-1320 : The Debian rssh package (rssh 2.3.0 in Debian GNU/Linux) contains a programming error where braces are not used to form a block, causing a faulty check for CVS and permitting rsync/rdist to bypass access restrictions configured in rssh.conf. Debian’s DSA-1109-1 notes the fix and l...
CVE-2006-1319
CVE-2006-1319 concerns chpst in runit 1.3.3-1 (Debian GNU/Linux) when compiled on little-endian i386 with dietlibc. The issue arises in how multiple groups are handled in the -u option, leading to incorrect permissions being assigned to the root group due to inconsistent gid_t bit sizes. Document...
CVE-2006-1320
Removed by vendor...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
[SECURITY] [DSA 1007-1] New drupal packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1007-1 [email protected] http://www.debian.org/security/ Martin Schulze March 17th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1005-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 16th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 999-1] New lurker packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 999-1 [email protected] http://www.debian.org/security/ Martin Schulze March 14th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 998-1] New libextractor packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 998-1 [email protected] http://www.debian.org/security/ Martin Schulze March 14th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 991-1] New zoo packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 991-1 [email protected] http://www.debian.org/security/ Steve Kemp March 10th, 2006 http://www.debian.org/security/faq -...