816 matches found
CVE-2006-1564
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...
CVE-2006-1565
Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1566
Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1564
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...
CVE-2006-1565
Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1566
Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory...
CVE-2006-1566
The CVE-2006-1566 issue affects libtunepimp-perl 0.4.2-1 on Debian GNU/Linux, where an RPATH value under /tmp/buildd for the tunepimp.so module creates an untrusted search path. This could allow local users to gain privileges by placing malicious libraries in that directory. Connected sources cor...
CVE-2006-1565
The CVE-2006-1565 entry concerns an untrusted search path (RPATH) vulnerability in libgpib-perl 3.2.06-2 on Debian GNU/Linux. The LinuxGpib.so module includes an RPATH value under /tmp/buildd, which could allow a local attacker to gain privileges by placing malicious libraries in that directory t...
CVE-2006-1564
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...
[SECURITY] [DSA 1021-1] New netpbm-free packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1021-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1020-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
[SECURITY] [DSA 1015-1] New sendmail packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1015-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...
CVE-2005-4418
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities...
CVE-2005-4418
CVE-2005-4418 affects Debian vserver: util-vserver with kernel-patch-vserver, where the default policy trusts unknown capabilities, potentially allowing local privilege escalation. Root cause: insecure default policy in util-vserver components. Affected versions include kernel-patch-vserver 1.9.5...
[Full-disclosure] [SECURITY] [DSA 1013-1] New snmptrapfmt packages fix insecure temporary file
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1013-1 [email protected] http://www.debian.org/security/ Martin Schulze March 22nd, 2006 http://www.debian.org/security/faq -...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
Code injection
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...