1915 matches found
CVE-2008-5747
CVE-2008-5747 affects F-PROT Antivirus for GNU/Linux. The vulnerability arises from ELF header handling: a crafted ELF binary with a “corrupted” header can be executed, enabling a remote attacker to bypass antivirus protection. Per OpenVAS/GLSA entries, this vulnerability is categorized as a Deni...
CVE-2008-4539
Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...
CVE-2008-4539
Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...
BitDefender PE文件解析整数溢出漏洞
BUGTRAQ ID: 32751 BitDefender Antivirus是具有功能强大的反病毒引擎以及互联网过滤技术的杀毒软件。 BitDefender在处理畸形结构的PE文件时存在漏洞,如果使用GNU/Linux版本的BitDefender扫描到了NeoLite或ASProtect封装的特制PE文件的话,就可能触发整数溢出,导致扫描引擎崩溃。 Softwin BitDefender v7 for Linux Softwin ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
[SECURITY] [DSA 1685-1] New uw-imap packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1685-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 12, 2008 http://www.debian.org/security/faq -...
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
Design/Logic Flaw
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
CVE-2008-5394
CVE-2008-5394 concerns the shadow package’s /bin/login on Debian (and likely other distros) where local users in the utmp group could exploit a symlink vulnerability to overwrite arbitrary files via a temporary file referenced in a utmp entry’s ut_line field. The described condition affects shado...
CVE-2008-5367
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
CVE-2008-5367
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
Design/Logic Flaw
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
Arbitrary file deletion
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
CVE-2008-5367
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
CVE-2008-5367
CVE-2008-5367 refers to a local privilege escalation in ip-up of ppp-udeb 2.4.4rel on Debian GNU/Linux, allowing local users to overwrite arbitrary files via a symlink attack on /tmp/resolv.conf.tmp. Connected sources confirm the issue and list affected package constraints (ppp-udeb 2.4.4rel on D...
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...
CVE-2008-5366
CVE-2008-5366 affects the postinst script of the Debian/PPP package (ppp 2.4.4rel). A local attacker can exploit a symlink vulnerability to overwrite arbitrary files via temporary files in /tmp (/tmp/probe-finished or /tmp/ppp-errors). Impact is described as local, with potential data corruption ...
CVE-2008-5367
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...
CVE-2008-5366
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/probe-finished or 2 /tmp/ppp-errors temporary file...