CVE-2005-0866

cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-0866

cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-0464

grosview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error...

DEBIAN-CVE-2005-0241

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

DEBIAN-CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

DEBIAN-CVE-2005-0155

The PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to create arbitrary files via the PERLIODEBUG variable...

CVE-2001-1462

WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information...

CVE-2005-0464

The CVE concerns SGI IRIX gr_osview (6.5.x, including 6.5.22) which does not drop privileges when opening user-specified description files in debug mode. Local attackers can read a line from arbitrary files by using -d and -D, which prints the line as a formatting error. The core issue is an info...

CVE-2005-0866

cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-0866

CVE-2005-0866 affects cdrecord before 4:2.0. When DEBUG is enabled, it allows local users to overwrite arbitrary files via a symlink attack on temporary files. The issue is documented across NVD, Ubuntu, Mandrake advisories, and related CVE entries, which note that an updated package containing a...

-==PVDasm Long Name Debug Vulnerability==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 10 - 19/03/05 -------------------------------------------------------- Program: PVDasm Homepage: http://pvdasm.reverse-engineering.net/ Vulnerable Versions: v1.6b & lowers Risk: Medium!! Impact: Long Name...

CVE-2005-0510

The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service daemon exit, possibly related to verbose debug messages when the daemon is not on a tty...

Default Password (synnet) for 'debug' Account

The account 'debug' on the remote host uses the password 'synnet'. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "debug"; password = "synnet"; include'deprecatednasllevel.inc'; include'compat.inc'; if description...

HP-UX FTP daemon is vulnerable to a buffer overflow

Overview The HP-UX FTP daemon ftpd contains a buffer overflow that may allow an unauthenticated, remote attacker to execute arbitrary code. Description The HP-UX FTP daemon ftpd is vulnerable to a buffer overflow when the FTP daemon is configured to log debugging information. Debug logging is...

CVE-2005-0460

CVE-2005-0460 affects MercuryBoard (Web PHP bulletin board) versions 1.0.x and 1.1.x. The issue arises in index.php via the debug parameter, allowing remote attackers to obtain sensitive information. Public references indicate multiple feeds about MercuryBoard vulnerabilities, but the provided do...

[SA14284] Mercuryboard "debug" Debug Information Disclosure

TITLE: Mercuryboard "debug" Debug Information Disclosure SECUNIA ADVISORY ID: SA14284 VERIFY ADVISORY: http://secunia.com/advisories/14284/ CRITICAL: Not critical IMPACT: Exposure of system information WHERE: From remote SOFTWARE: MercuryBoard 1.x http://secunia.com/product/4560/ DESCRIPTION:...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...