Lucene search
K

17 matches found

Debian
Debian
added 2000/09/19 5:31 p.m.1 views

[SECURITY] New versions of sysklogd released

Package: sysklogd Vulnerability: root exploit Debian-specific: no Multiple vulnerabilities have been reported in syslogd and klogd. A local root exploit is possible, and remote exploits may be possible in some cases though we are not currently aware of a remote exploit. Fixed packages are availab...

5.6AI score
Exploits0
Debian
Debian
added 2000/09/05 2:58 p.m.4 views

[SECURITY] glibc update for Debian GNU/Linux 2.1 (update)

Package: glibc Vulnerability: local exploit Debian-specific: no Recently two problems have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code. An earlier advisory listed the updates for Debian 2.2/potato. This advisory contains updates for Debian...

6AI score
Exploits0
Debian
Debian
added 2000/09/04 11:56 a.m.1 views

[SECURITY] new version of screen released

Package: screen Vulnerability: local exploit Debian-specific: no A format string bug was recently discovered in screen which can be used to gain elevated privilages if screen is setuid. Debian 2.1 slink did ship screen setuid and the exploit can be used to gain root privilages. In Debian 2.2 pota...

5.6AI score
Exploits0
Debian
Debian
added 2000/08/17 4:31 a.m.4 views

[SECURITY] New version of xlockmore/xlockmore-gl released

Package: xlockmore, xlockmore-gl Vulnerability type: local exploit Debian-specific: no There is a format string bug in all versions of xlockmore/xlockmore-gl. Debian 2.1 slink installs xlock setgid by default, and this exploit can be used to gain read access to the shadow file. We recommend...

5.3AI score
Exploits0
Debian
Debian
added 2000/08/09 6:10 a.m.3 views

[SECURITY] New version of mailx released

Package : mailx Problem type : local exploit Debian-specific: no mailx is a often used by other programs to send email. Unfortunately mailx as distributed in Debian GNU/Linux 2.1 has some features that made it possible to execute system commands if a user can trick a privileged program to send...

5.9AI score
Exploits0
Debian
Debian
added 2000/07/27 2:41 a.m.1 views

[SECURITY] New version of userv released

Package : userv Problem type : local exploit Debian-specific: no The version of userv that was distributed with Debian GNU/Linux 2.1 / slink had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It might be possible for local users to abuse this to...

5.8AI score
Exploits0
Debian
Debian
added 2000/06/28 4:18 p.m.2 views

[SECURITY] New verion of dhcp released

Package: dhcp-client-beta dhcp-client Vulnerability type: remote root exploit Debian-specific: no The versions of the ISC DHCP client in debian 2.1 slink and debian 2.2 potato are vulnerable to a root exploit. The OpenBSD team reports that the client inappropriately executes commands embedded in...

5.8AI score
Exploits0
Debian
Debian
added 2000/06/23 7:17 a.m.3 views

[SECURITY] New Debian wu-ftpd packages released

Package: wu-ftpd wu-ftpd-academ Vulnerability: remote root exploit Debian-specific: no The version of wu-ftpd distributed in Debian GNU/Linux 2.1 a.k.a. slink, as well as in the frozen potato and unstable woody distributions, is vulnerable to a remote root compromise. The default configuration in...

5.6AI score
Exploits0
Debian
Debian
added 2000/06/05 6:22 p.m.1 views

[SECURITY] New version of mailx released

Package: mailx Vulnerability: local exploit Debian-specific: no The version of mailx distributed in Debian GNU/Linux 2.1 a.k.a. slink, as well as in the frozen potato and unstable woody distributions is vulnerable to a local buffer overflow while sending messages. This could be exploited to give ...

5.8AI score
Exploits0
Debian
Debian
added 2000/03/09 6:0 a.m.4 views

[SECURITY] New version of mtr released

Package: mtr Vulnerability type: possible local exploit Debian-specific: no The version of mtr as distributed in Debian GNU/Linux 2l1 aka slink did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit...

5.8AI score
Exploits0
Debian
Debian
added 2000/02/28 5:38 p.m.1 views

[SECURITY] New version of nmh released

Package: nmh Vulnerability type: remote exploit Debian-specific: no The version of nmh that was distributed in Debian GNU/Linux 2.1 aka slink did not check incoming mail messages properly. This could be exploited by using carefully designed MIME headers to trick mhshow into executing arbitrary...

5.9AI score
Exploits0
Debian
Debian
added 2000/02/19 11:42 p.m.2 views

[SECURITY] New version of make released

Package: make Vulnerability type: symlink attack Debian-specific: no The make package as shipped in Debian GNU/Linux 2.1 is vulnerable to a race condition that can be exploited with a symlink attack. make used mktemp while creating temporary files in /tmp. and that is a known potential security...

5.8AI score
Exploits0
Debian
Debian
added 1999/11/16 11:29 p.m.4 views

[SECURITY] New version of bind released

The version bind that was distributed in Debian GNU/Linux 2.1 has a vulnerability in the processing of NXT records that can be used by an attacked in a Debian of Service attack or theoretically be exploited to gain access to the server. This has been fixed in version 8.2.5p5-0slink1, and we...

5.8AI score
Exploits0
Debian
Debian
added 1999/10/18 12:51 a.m.0 views

[SECURITY] New version of amd fixes remote exploit, take 2

The version of amd that was distributed with Debian GNU/Linux 2.1 is vulnerable to a remote exploit. This was fixed in version 23.0slink1. However that fix contained an error which has been fixed in version upl102-23.slink2. Here is the problem description from the previous fix: Passing a big...

6.1AI score
Exploits0
Debian
Debian
added 1999/10/18 12:51 a.m.3 views

[SECURITY] New version of mirror fixes remote exploit

We have received reports that the version of mirror as distributed in Debian GNU/Linux 2.1 could be remotely exploited. When mirroring a remote site the remote site could use filename-constructions like " .." that would case mirror to work one level above the target directory for the mirrored...

5.4AI score
Exploits0
Debian
Debian
added 1999/08/14 5:22 p.m.1 views

[SECURITY] new version isdnutils fixes exploitable xmonisdn

We have received reports that the version of xmonisdn as distributed in the isndutils package from Debian GNU/Linux 2.1 has a security problem. Xmonisdn is an X applet that shows the status of the ISDN links. You can configure it to run two scripts when the left or right mouse button are clicked ...

6AI score
Exploits0
Debian
Debian
added 1999/06/06 11:56 p.m.1 views

[SECURITY] New version if ipopd prevents exploit

We have received reports that the version of the imap suite in Debian GNU/Linux 2.1 has a vulnerability in its POP-2 daemon, which can be found in the ipopd package. Using this vulnerability it is possible for remote users to get a shell as user "nobody" on the server. We recommend you upgrade yo...

5.9AI score
Exploits0
Rows per page
Query Builder