Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC

No description provided by source. !/bin/bash - echo ' include string.h include stdlib.h include unistd.h include utmp.h include sys/types.h include stdio.h int mainint argc, char argv struct utmp entry; int i; entry.uttype=LOGINPROCESS; strcpyentry.utline,"/tmp/x"; entry.uttime=0;...

[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1673-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 29, 2008 http://www.debian.org/security/faq -...

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

Design/Logic Flaw

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

CVE-2008-5142

The affected component is sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux. It is vulnerable to a local, pre-auth race where an attacker can overwrite arbitrary files through a symlink attack on a /tmp/pr.##### temporary file, indicating a local-privilege escalation/vector due to insecure ...

[SECURITY] [DSA 1661-1] New OpenOffice.org packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1661-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1660-1] New clamav packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1660-1 [email protected] http://www.debian.org/security/ Florian Weimer October 26, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1659-1] New libspf2 packages fix potential remote code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1659-1 [email protected] http://www.debian.org/security/ Florian Weimer October 23, 2008 http://www.debian.org/security/faq -...

CVE-2008-3831

The i915 driver in 1 drivers/char/drm/i915dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and 2 sys/dev/pci/drm/i915drv.c in OpenBSD does not restrict the DRMI915HWSADDR ioctl to the Direct Rendering Manager DRM master, which allows local users to cause a denial of service memory corruption...

Memory corruption

The i915 driver in 1 drivers/char/drm/i915dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and 2 sys/dev/pci/drm/i915drv.c in OpenBSD does not restrict the DRMI915HWSADDR ioctl to the Direct Rendering Manager DRM master, which allows local users to cause a denial of service memory corruption...

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

Design/Logic Flaw

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

CVE-2008-4553

CVE-2008-4553 affects qemu, specifically the qemu-make-debian-root script, where temporary files are created insecurely. This local vulnerability in qemu 0.9.1-5 on Debian GNU/Linux allows a symlink attack to overwrite arbitrary files, potentially enabling local denial of service. Debian DSAs and...

[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1651-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 12, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1646-2] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-2 [email protected] http://www.debian.org/security/ Devin Carraway October 11, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1648-1] New mon packages fix insecure temporary files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1648-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 08, 2008 http://www.debian.org/security/faq -...