816 matches found
CVE-2006-2542
CVE-2006-2542 affects xmcd (Debian xmcd package). The xmcdconfig script creates /var/lib/cddb and /var/lib/xmcd/discog with world-writable permissions, enabling local users to consume disk space and cause a denial of service. Debian/DSA-1086-1 and related advisories document the fix via updated x...
CVE-2006-2542
xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service disk consumption...
[SECURITY] [DSA 1055-1] New Mozilla Firefox packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1055-1 [email protected] http://www.debian.org/security/ Martin Schulze May 11th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1047-1] New resmgr packages fix unauthorised access
-------------------------------------------------------------------------- Debian Security Advisory DSA 1047-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1047-1] New resmgr packages fix unauthorised access
-------------------------------------------------------------------------- Debian Security Advisory DSA 1047-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1037-1] New zgv packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1037-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1035-1] New fcheck packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1035-1 [email protected] http://www.debian.org/security/ Steve Kemp April 15th, 2005 http://www.debian.org/security/faq -...
CVE-2006-1772
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...
CVE-2006-1772
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/databaseadminpass record, which...
[SECURITY] [DSA 1033-1] New horde3 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1033-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 12th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1032-1] New zope-cmfplone packages fix unprivileged data manipulation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1032-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 12th, 2006 http://www.debian.org/security/faq -...
[SA19589] Debian mnogosearch Insecure Password Storage Security Issue
TITLE: Debian mnogosearch Insecure Password Storage Security Issue SECUNIA ADVISORY ID: SA19589 VERIFY ADVISORY: http://secunia.com/advisories/19589/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux 3.1...
[SECURITY] [DSA 1028-1] New libimager-perl packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1028-1 [email protected] http://www.debian.org/security/ Martin Schulze March 7th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1023-1] New kaffeine packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1023-1 [email protected] http://www.debian.org/security/ Martin Schulze April 5th, 2006 http://www.debian.org/security/faq -...
CVE-2006-1565
Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1566
Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1564
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...
CVE-2006-1564
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...
CVE-2006-1565
Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1566
Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...