EUVD-2006-3116

Malware in sbrugna...

Gentoo Security Advisory GLSA 200608-22 (fbida)

The remote host is missing updates announced in advisory GLSA 200608-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1124)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1124-1 (fbi)

The remote host is missing an update to fbi announced via advisory DSA 1124-1. Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer contains a typo, which prevents the intended filter against malicious postscript commands from working correctly. This might lead to the deletion o...

Debian Security Advisory DSA 1068-1 (fbi)

The remote host is missing an update to fbi announced via advisory DSA 1068-1. Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks. For the old stabl...

Debian DSA-1068-1 : fbi - insecure temporary file

Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

Debian DSA-1124-1 : fbi - typo

Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer contains a typo, which prevents the intended filter against malicious postscript commands from working correctly. This might lead to the deletion of user data when displaying a postscript file. %NASLMINLEVEL 70300 C Tenable...

GLSA-200608-22 : fbida: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200608-22 fbida: Arbitrary command execution Toth Andras has discovered a typographic mistake in the 'fbgs' script, shipped with fbida if the 'fbcon' and 'pdf' USE flags are both enabled. This script runs 'gs' without the -dSAFER...

CVE-2006-3119

The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...

CVE-2006-3119

The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...

CVE-2006-3119

The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...

CVE-2006-3119

The CVE-2006-3119 issue concerns the fbgs PostScript/PDF viewer component of fbida (before version 2.01). A typographic mistake in the fbgs script prevents the intended filter from working, allowing a user-assisted attacker to bypass the filter and cause the PostScript commands to execute. Eviden...

DSA-1124 fbi - typo

Bulletin has no description...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

DEBIAN-CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVE-2006-1695

The CVE-2006-1695 issue affects the fbgs script in the fbi package (notably version around 2.01-1.4) where, if TMPDIR is not defined, a local user can exploit a symlink in /var/tmp/fbps-[PID] to overwrite arbitrary files. The vulnerability arises from creating a predictable temporary directory, e...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

[SA19559] fbida fbgs Insecure Temporary File Creation Vulnerability

TITLE: fbida fbgs Insecure Temporary File Creation Vulnerability SECUNIA ADVISORY ID: SA19559 VERIFY ADVISORY: http://secunia.com/advisories/19559/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: fbida 2.x http://secunia.com/product/9244/ DESCRIPTION: Jan Braun...