2384 matches found
CVE-2005-3255
The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...
CVE-2005-3254
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...
CVE-2005-3254
The CVE-2005-3254 issue affects CGIwrap prior to 3.9 on Debian GNU/Linux, where the minimum UID checked for seteuid operations is incorrectly set to 100 instead of 1000. This mismatch can allow an attacker to execute code as other system UIDs greater than the minimum value, as described in multip...
CVE-2005-3255
The CVE-2005-3255 issue affects the Debian GNU/Linux packages cgiwrap and php-cgiwrap (before version 3.9), where debugging CGI scripts under the web document root are exposed and can be directly requested by remote attackers to obtain sensitive information. This description is supported by multi...
[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass
-------------------------------------------------------------------------- Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 859-1] New xli packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 859-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 857-1] New graphviz packages fix insecure temporary file
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 857-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 854-1] New tcpdump packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 854-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 848-1] New masqmail packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 848-1 [email protected] http://www.debian.org/security/ Martin Schulze October 8th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 842-1] New egroupware packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 842-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 839-1] New apachetop packages fix insecure temporary file
-------------------------------------------------------------------------- Debian Security Advisory DSA 839-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting
-------------------------------------------------------------------------- Debian Security Advisory DSA 835-1 [email protected] http://www.debian.org/security/ Martin Schulze October 1st, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting
-------------------------------------------------------------------------- Debian Security Advisory DSA 835-1 [email protected] http://www.debian.org/security/ Martin Schulze October 1st, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 834-1] New prozilla packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 834-1 [email protected] http://www.debian.org/security/ Martin Schulze October 1st, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 832-1] New gopher packages fix several buffer overflows
-------------------------------------------------------------------------- Debian Security Advisory DSA 832-1 [email protected] http://www.debian.org/security/ Martin Schulze September 30th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 832-1] New gopher packages fix several buffer overflows
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 832-1 [email protected] http://www.debian.org/security/ Martin Schulze September 30th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 827-1] New backupninja packages fix insecure temporary file
-------------------------------------------------------------------------- Debian Security Advisory DSA 827-1 [email protected] http://www.debian.org/security/ Michael Stone September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 822-1] New gtkdiskfree packages fix insecure temporary file
-------------------------------------------------------------------------- Debian Security Advisory DSA 822-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...