Design/Logic Flaw

util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...

CVE-2006-1319

chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...

CVE-2006-1320

util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...

CVE-2006-1319

chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...

CVE-2006-1319

chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...

CVE-2006-1320

util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...

CVE-2006-1319

CVE-2006-1319 concerns chpst in runit 1.3.3-1 (Debian GNU/Linux) when compiled on little-endian i386 with dietlibc. The issue arises in how multiple groups are handled in the -u option, leading to incorrect permissions being assigned to the root group due to inconsistent gid_t bit sizes. Document...

CVE-2006-1320

CVE-2006-1320 : The Debian rssh package (rssh 2.3.0 in Debian GNU/Linux) contains a programming error where braces are not used to form a block, causing a faulty check for CVS and permitting rsync/rdist to bypass access restrictions configured in rssh.conf. Debian’s DSA-1109-1 notes the fix and l...

CVE-2006-1319

chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...

CVE-2006-1320

Removed by vendor...

[SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1005-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 16th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 999-1] New lurker packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 999-1 [email protected] http://www.debian.org/security/ Martin Schulze March 14th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 991-1] New zoo packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 991-1 [email protected] http://www.debian.org/security/ Steve Kemp March 10th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 990-1] New bluez-hcidump packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 990-1 [email protected] http://www.debian.org/security/ Martin Schulze March 10th, 2006 http://www.debian.org/security/faq -...

CVE-2005-4728

Untrusted search path vulnerability RPATH in amaya 9.2.1 on Debian GNU/Linux allows local users to gain privileges via a malicious Mesa library in the /home/anand directory...

CVE-2005-4728

CVE-2005-4728 affects Amaya 9.2.1 on Debian GNU/Linux and is caused by an untrusted search path (RPATH) vulnerability that lets local users gain privileges via a malicious Mesa library placed in /home/anand. The connected documents corroborate the same description across Red Hat, Ubuntu, CVE, and...

[SECURITY] [DSA 985-1] New libtasn1-2 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 985-1 [email protected] http://www.debian.org/security/ Martin Schulze March 6th, 2006 http://www.debian.org/security/faq -...

[Full-disclosure] [SECURITY] [DSA 985-1] New libtasn1-2 packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 985-1 [email protected] http://www.debian.org/security/ Martin Schulze March 6th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 982-1] New gpdf packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 982-1 [email protected] http://www.debian.org/security/ Martin Schulze February 27th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 980-1] New tutos packages fix multiple vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 980-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 22nd, 2006 http://www.debian.org/security/faq -...