2384 matches found
CVE-2006-1564
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the 1 modauthzsvn.so and 2 moddavsvn.so modules, which might allow local users to gain privileges by installing malicious libraries in that...
[SECURITY] [DSA 1021-1] New netpbm-free packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1021-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1020-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
Design/Logic Flaw
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
CVE-2006-1376
CVE-2006-1376 affects Debian GNU/Linux 3.1r1 network install: /var/log/debian-installer/cdebconf is created with world-writable permissions, enabling local users to trigger a denial of service via disk consumption. The connected documents confirm this behavior across multiple feeds (NVD, OSV, UB,...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
CVE-2006-1376
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service disk consumption...
[SECURITY] [DSA 1015-1] New sendmail packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1015-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1015-1] New sendmail packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1015-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...
CVE-2005-4418
CVE-2005-4418 affects Debian vserver: util-vserver with kernel-patch-vserver, where the default policy trusts unknown capabilities, potentially allowing local privilege escalation. Root cause: insecure default policy in util-vserver components. Affected versions include kernel-patch-vserver 1.9.5...
CVE-2005-4418
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities...
CVE-2005-4347
CVE-2005-4347 affects Linux 2.4 kernel patch kernel-patch-vserver (and 2.x) for Debian; the chroot barrier is not set correctly in util-vserver, potentially permitting unauthorised escapes from a vserver to the host. OpenVAS/Debian DSAs describe that this vulnerability is limited to the 2.4 patch...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...
[Full-disclosure] [SECURITY] [DSA 1013-1] New snmptrapfmt packages fix insecure temporary file
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1013-1 [email protected] http://www.debian.org/security/ Martin Schulze March 22nd, 2006 http://www.debian.org/security/faq -...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
Code injection
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...