CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr. temporary file...

[SECURITY] [DSA 1661-1] New OpenOffice.org packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1661-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1660-1] New clamav packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1660-1 [email protected] http://www.debian.org/security/ Florian Weimer October 26, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1659-1] New libspf2 packages fix potential remote code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1659-1 [email protected] http://www.debian.org/security/ Florian Weimer October 23, 2008 http://www.debian.org/security/faq -...

CVE-2008-3831

The i915 driver in 1 drivers/char/drm/i915dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and 2 sys/dev/pci/drm/i915drv.c in OpenBSD does not restrict the DRMI915HWSADDR ioctl to the Direct Rendering Manager DRM master, which allows local users to cause a denial of service memory corruption...

Memory corruption

The i915 driver in 1 drivers/char/drm/i915dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and 2 sys/dev/pci/drm/i915drv.c in OpenBSD does not restrict the DRMI915HWSADDR ioctl to the Direct Rendering Manager DRM master, which allows local users to cause a denial of service memory corruption...

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

Design/Logic Flaw

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories...

CVE-2008-4553

CVE-2008-4553 affects qemu, specifically the qemu-make-debian-root script, where temporary files are created insecurely. This local vulnerability in qemu 0.9.1-5 on Debian GNU/Linux allows a symlink attack to overwrite arbitrary files, potentially enabling local denial of service. Debian DSAs and...

Telecom Italia Alice Pirelli routers - Backdoor from internal LAN/WAN

saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadcom platform. saxdax & drpepperONE Router Vendor: Alice Telecom Italia...

[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1651-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 12, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1646-2] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-2 [email protected] http://www.debian.org/security/ Devin Carraway October 11, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1648-1] New mon packages fix insecure temporary files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1648-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 08, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA-1646-1] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-1 [email protected] http://www.debian.org/security/ Devin Carraway October 07, 2008 http://www.debian.org/security/faq -...

CVE-2008-4126

PyDNS aka python-dns before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...