[SECURITY] [DSA 701-1] New samba packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 701-1 [email protected] http://www.debian.org/security/ Martin Schulze March 31st, 2005 http://www.debian.org/security/faq -...

DSA-701-1 samba - integer overflows

Bulletin has no description...

[SECURITY] [DSA 700-1] New mailreader packages fix cross-site scripting vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 700-1 [email protected] http://www.debian.org/security/ Martin Schulze March 30th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 699-1] New netkit-telnet-ssl packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 699-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 698-1] New mc packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 698-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 697-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 685-1] New emacs21 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 685-1 [email protected] http://www.debian.org/security/ Martin Schulze February 17th, 2005 http://www.debian.org/security/faq -...

CVE-2005-0159

The tpkg- scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

[SECURITY] [DSA 677-1] New sympa packages fix potential arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 677-1 security debian org http://www.debian.org/security/ Martin Schulze February 11th, 2005 http://www.debian.org/security/faq -...

CVE-2004-1340

Summary: CVE-2004-1340 affects the libpam-radius-auth package on Debian GNU/Linux 3.0, where the accompanying pam_radius_auth.conf was installed world-readable, potentially exposing secrets to all local users. The issue is Debian-specific (CAN-2004-1340) and was addressed in Debian security advis...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

CVE-1999-1572

CVE-1999-1572 is a local vulnerability affecting GNU cpio where a 0 umask is used when creating files with -O/-F, causing output files to have mode 0666 and enabling local users to read or overwrite them. Connected advisories (RHSA-2005:806, RHSA-2005:073, DSA-664-1, USN-75-1, Ubuntu USN-80-1, Ce...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

DEBIAN-CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

[SECURITY] [DSA 658-1] New libdbi-perl packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 658-1 [email protected] http://www.debian.org/security/ Martin Schulze January 25th, 2005 http://www.debian.org/security/faq -...

exim.pl.txt

This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. In this report it was explained that a sequence like the one below did overflowed some internal buffer: /usr/bin/exim -bh ::%Aperl -e 'print pack'L',0xdeadbeef x 256' It...

Exim 4.41 - dns_build_reverse Local Buffer Overflow

Exim 4.41 - dnsbuildreverse Local Buffer Overflow / This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avo...

Exim 4.41 - 'dns_build_reverse' Local Buffer Overflow

/ This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avoid script-kidding. My RET is 0xbffffae4, but fb.pl...