[SECURITY] [DSA 548-2] New imlib packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 548-2 [email protected] http://www.debian.org/security/ Martin Schulze October 26th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 871-2] New libgda2 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 871-2 [email protected] http://www.debian.org/security/ Martin Schulze October 25th, 2005 http://www.debian.org/security/faq -...

CVE-2005-3268

yiff server yiff-server 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files...

CVE-2005-3268

yiff server yiff-server 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files...

CVE-2005-3268

yiff server yiff-server 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files...

CVE-2005-3268

CVE-2005-3268 concerns yiff server (yiff-server) 2.14.2 on Debian GNU/Linux. The vulnerability arises because the process runs as root and does not properly verify ownership of files it opens, enabling local users to read arbitrary files. The connected documents confirm the affected product/versi...

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...

CVE-2005-3254

The CVE-2005-3254 issue affects CGIwrap prior to 3.9 on Debian GNU/Linux, where the minimum UID checked for seteuid operations is incorrectly set to 100 instead of 1000. This mismatch can allow an attacker to execute code as other system UIDs greater than the minimum value, as described in multip...

CVE-2005-3255

The CVE-2005-3255 issue affects the Debian GNU/Linux packages cgiwrap and php-cgiwrap (before version 3.9), where debugging CGI scripts under the web document root are exposed and can be directly requested by remote attackers to obtain sensitive information. This description is supported by multi...

[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass

-------------------------------------------------------------------------- Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 859-1] New xli packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 859-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting

-------------------------------------------------------------------------- Debian Security Advisory DSA 835-1 [email protected] http://www.debian.org/security/ Martin Schulze October 1st, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 832-1] New gopher packages fix several buffer overflows

-------------------------------------------------------------------------- Debian Security Advisory DSA 832-1 [email protected] http://www.debian.org/security/ Martin Schulze September 30th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 797-2] Updated zsync i386 packages fix build error

-------------------------------------------------------------------------- Debian Security Advisory DSA 797-2 [email protected] http://www.debian.org/security/ Michael Stone September 28th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 816-1] New XFree86 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 816-1 [email protected] http://www.debian.org/security/ Martin Schulze September 19th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 815-1] New kdebase packages fix local root vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 815-1 [email protected] http://www.debian.org/security/ Martin Schulze September 16th, 2005 http://www.debian.org/security/faq -...