CVE-2006-4248

thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the startthttpd temporary file...

[SECURITY] [DSA 1188-1] New mailman packages fix several problems

-------------------------------------------------------------------------- Debian Security Advisory DSA 1188-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2006 http://www.debian.org/security/faq -...

gzip contains a buffer underflow

Overview The gzip program contains a buffer underflow vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition. Description The gzip program is used to compress and decompress archived files.A buffer underflow vulnerability exists in gzip. An...

gzip contains an array out-of-bounds vulnerability in make_table()

Overview The gzip program contains a stack modification vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition.. Description The gzip program is used to compress and decompress archived files.A stack modification vulnerability exists in gzip. A...

[SECURITY] [DSA 1170-1] New fastjar packages fix directory traversal

-------------------------------------------------------------------------- Debian Security Advisory DSA 1170-1 [email protected] http://www.debian.org/security/ Martin Schulze September 6th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1167-1 [email protected] http://www.debian.org/security/ Steve Kemp September 4th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1148-1] New gallery packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1148-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 9th, 2006 http://www.debian.org/security/faq -...

CVE-2006-3123

Multiple integer overflows in the 1 dodecrypt and 2 doencrypt functions in cfsfh.c in cfsd in Matt Blaze Cryptographic File System CFS 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service daemon crash by appending data to a file that is larger than 2 Gb...

[SECURITY] [DSA 1138-1] New cfs packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1138-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 2nd, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1135-1] New libtunepimp packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1135-1 [email protected] http://www.debian.org/security/ Martin Schulze August 2nd, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code

-------------------------------------------------------------------------- Debian Security Advisory DSA 1125-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 26th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1116-1] New gimp packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1116-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 21st, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1111-1] New Linux kernel 2.6.8 packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1111-1 [email protected] http://www.debian.org/security/ Dann Frazier Jul 16th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1104-2] New OpenOffice.org packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1104-2 [email protected] http://www.debian.org/security/ Martin Schulze July 6th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1102-1] New pinball packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1102-1 [email protected] http://www.debian.org/security/ Steve Kemp June 26th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1091-1] New TIFF packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1091-1 [email protected] http://www.debian.org/security/ Martin Schulze June 8th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1085-1] New lynx-cur packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1085-1 [email protected] http://www.debian.org/security/ Martin Schulze June 1st, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1081-1] New libextractor packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1081-1 [email protected] http://www.debian.org/security/ Martin Schulze May 29th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1075-1] New awstats packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1075-1 [email protected] http://www.debian.org/security/ Martin Schulze May 26th, 2006 http://www.debian.org/security/faq -...

CVE-2006-2542

xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service disk consumption...