CVE-1999-1572

CVE-1999-1572 is a local vulnerability affecting GNU cpio where a 0 umask is used when creating files with -O/-F, causing output files to have mode 0666 and enabling local users to read or overwrite them. Connected advisories (RHSA-2005:806, RHSA-2005:073, DSA-664-1, USN-75-1, Ubuntu USN-80-1, Ce...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

DEBIAN-CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

CVE-2004-1340

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pamradiusauth.conf set to be world-readable, which allows local users to obtain sensitive information...

[SECURITY] [DSA 658-1] New libdbi-perl packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 658-1 [email protected] http://www.debian.org/security/ Martin Schulze January 25th, 2005 http://www.debian.org/security/faq -...

exim.pl.txt

This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. In this report it was explained that a sequence like the one below did overflowed some internal buffer: /usr/bin/exim -bh ::%Aperl -e 'print pack'L',0xdeadbeef x 256' It...

Exim 4.41 - 'dns_build_reverse' Local Buffer Overflow

/ This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avoid script-kidding. My RET is 0xbffffae4, but fb.pl...

Exim 4.41 - dns_build_reverse Local Buffer Overflow

Exim 4.41 - dnsbuildreverse Local Buffer Overflow / This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avo...

Exim <= 4.41 dns_build_reverse Local Exploit PoC

Exploit for linux platform in category local exploits ================================================ Exim int main int argc, char argv static char shellcode= "\xeb\x17\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b\x89"...

[SECURITY] [DSA 638-1] New gopher packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 638-1 [email protected] http://www.debian.org/security/ Martin Schulze January 13th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 637-1] New exim-tls packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 637-1 [email protected] http://www.debian.org/security/ Martin Schulze January 13th, 2005 http://www.debian.org/security/faq -...

[SA13771] Debian lintian Insecure Temporary File Deletion Security Issue

TITLE: Debian lintian Insecure Temporary File Deletion Security Issue SECUNIA ADVISORY ID: SA13771 VERIFY ADVISORY: http://secunia.com/advisories/13771/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux 3.0 http://secunia.com/product/143/...

[SECURITY] [DSA 626-1] New tiff packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 626-1 [email protected] http://www.debian.org/security/ Martin Schulze January 6th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 622-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2005 http://www.debian.org/security/faq -...

CVE-2004-1343

CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service server crash...

CVE-2004-1343

CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service server crash...

CVE-2004-0984

Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges...

CVE-2004-0984

Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges...

CVE-2004-2569

ipmenu 0.0.3 before Debian GNU/Linux ipmenu0.0.3-5 allows local users to overwrite arbitrary files via a symlink attack on the ipmenu.log temporary file...