1915 matches found
[SECURITY] [DSA 1015-1] New sendmail packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1015-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1015-1] New sendmail packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1015-1 [email protected] http://www.debian.org/security/ Martin Schulze March 23rd, 2006 http://www.debian.org/security/faq -...
CVE-2005-4418
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities...
CVE-2005-4418
CVE-2005-4418 affects Debian vserver: util-vserver with kernel-patch-vserver, where the default policy trusts unknown capabilities, potentially allowing local privilege escalation. Root cause: insecure default policy in util-vserver components. Affected versions include kernel-patch-vserver 1.9.5...
CVE-2005-4347
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver...
CVE-2005-4347
CVE-2005-4347 affects Linux 2.4 kernel patch kernel-patch-vserver (and 2.x) for Debian; the chroot barrier is not set correctly in util-vserver, potentially permitting unauthorised escapes from a vserver to the host. OpenVAS/Debian DSAs describe that this vulnerability is limited to the 2.4 patch...
[Full-disclosure] [SECURITY] [DSA 1013-1] New snmptrapfmt packages fix insecure temporary file
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1013-1 [email protected] http://www.debian.org/security/ Martin Schulze March 22nd, 2006 http://www.debian.org/security/faq -...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
Code injection
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
Design/Logic Flaw
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1320
CVE-2006-1320 : The Debian rssh package (rssh 2.3.0 in Debian GNU/Linux) contains a programming error where braces are not used to form a block, causing a faulty check for CVS and permitting rsync/rdist to bypass access restrictions configured in rssh.conf. Debian’s DSA-1109-1 notes the fix and l...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1320
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf...
CVE-2006-1320
Removed by vendor...
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gidt type...
CVE-2006-1319
CVE-2006-1319 concerns chpst in runit 1.3.3-1 (Debian GNU/Linux) when compiled on little-endian i386 with dietlibc. The issue arises in how multiple groups are handled in the -u option, leading to incorrect permissions being assigned to the root group due to inconsistent gid_t bit sizes. Document...