CVE-2003-0308

The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via 1 expn, 2 checksendmail, or 3 doublebounce.pl...

CVE-2003-0308

CVE-2003-0308 : The Debian GNU/Linux 3.0 package of Sendmail 8.12.3 does not securely create temporary files, enabling local users to gain additional privileges via the expn, checksendmail, or doublebounce.pl scripts. The issue is due to insecure temporary file handling within these components. E...

CVE-2003-0308

The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via 1 expn, 2 checksendmail, or 3 doublebounce.pl...

CVE-2003-0308

The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via 1 expn, 2 checksendmail, or 3 doublebounce.pl...

CVE-2003-0262

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have...

CVE-2003-0262

CVE-2003-0262 concerns leksbot 1.2.3 on Debian GNU/Linux, where the program KATAXWR is installed as setuid root due to a packaging error. This misconfiguration enables local users to attempt privilege escalation to root, leveraging vulnerabilities in KATAXWR that it was not designed to expose to ...

OpenSSHPAM 3.6.1p1 - Remote Users Discovery Tool

OpenSSHPAM 3.6.1p1 - Remote Users Discovery Tool / SSHBRUTE - OpenSSH/PAM Proof of concept code by Maurizio Agazzini Tested against Red Hat, Mandrake, and Debian GNU/Linux. Reference: http://lab.mediaservice.net/advisory/2003-01-openssh.txt $ tar xvfz openssh-3.6.1p1.tar.gz $ patch -p0 include...

[SECURITY] [DSA 292-1] New mime-support packages fix temporary file race conditions

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 292-1 [email protected] http://www.debian.org/security/ Martin Schulze April 22nd, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA 261-1] New tcpdump packages fix denial of service vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 261-1 [email protected] http://www.debian.org/security/ Martin Schulze March 14th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA 256-1] New mhc-utils packages fix predictable temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 256-1 [email protected] http://www.debian.org/security/ Martin Schulze February 28th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA 249-1] New w3mmee packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 249-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 217-1 [email protected] http://www.debian.org/security/ Martin Schulze December 27th, 2002 http://www.debian.org/security/faq -...

DSA-210 lynx - CRLF injection

Bulletin has no description...

[SECURITY] [DSA-210-1] lynx CRLF injection

------------------------------------------------------------------------ Debian Security Advisory DSA-210-1 [email protected] http://www.debian.org/security/ Wichert Akkerman December 13, 2002 - ------------------------------------------------------------------------ Package : lynx, lynx-ssl...

DSA-209 wget - directory traversal

Bulletin has no description...

[SECURITY] [DSA-205-1] gtetrinet buffer overflows

------------------------------------------------------------------------ Debian Security Advisory DSA-205-1 [email protected] http://www.debian.org/security/ Wichert Akkerman December 10, 2002 - ------------------------------------------------------------------------ Package : gtetrinet Problem...

DSA-205 gtetrinet - buffer overflow

Bulletin has no description...

[SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 198-1 [email protected] http://www.debian.org/security/ Martin Schulze November 18th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA-190-1] buffer overflow in Window Maker

Package : wmaker Problem type : buffer overflow Debian-specific: no Al Viro found a problem in the image handling code use in Window Maker, a popular NEXTSTEP like window manager. When creating an image it would allocate a buffer by multiplying the image width and height, but did not check for an...

[SECURITY] [DSA 189-1] New luxman packages fix local root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 189-1 [email protected] http://www.debian.org/security/ Martin Schulze November 6th, 2002 http://www.debian.org/security/faq -...