15 matches found
EUVD-2000-0720
Malware in sbrugna...
EUVD-2000-0718
Malware in sbrugna...
EUVD-2000-0719
Malware in sbrugna...
gdm 1.0 .x/2.0 .x BETA/2.2 .0 XDMCP Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1233/info A buffer overrun exists in the XDMCP handling code used in 'gdm', an xdm replacement, shipped as part of the GNOME desktop. By sending a maliciously crafted XDMCP message, it is possible for a remote attacker to...
CVE-2000-0724
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files...
CVE-2000-0722
Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing packages...
CVE-2000-0723
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config...
CVE-2000-0724
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files...
CVE-2000-0724
CVE-2000-0724 involves the go-gnome Helix GNOME pre-installer. The vulnerability arises from a symlink attack in /tmp that lets local users overwrite arbitrary files, including uudecode, snarf, and some installer files. The described impact is complete confidentiality, integrity, and availability...
CVE-2000-0722
Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing packages...
CVE-2000-0723
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config...
CVE-2000-0723
The CVE-2000-0723 entry concerns Helix GNOME Updater (helix-update) version 0.5 and earlier, where improper handling of /tmp leads to local users creating empty system configuration files (e.g., /etc/config.d/bashrc, /etc/config.d/csh.cshrc, /etc/rc.config). This vulnerability arises from inadequ...
Multiple Local Vulnerabilities in Helix Gnome Installer
Multiple Vulnerabilities In Helix Gnome Installer 0.2 VULNERABILITIES: The Helix installer contains multiple locally exploitable vulnerabilities. 1. Several of the gdmify functions are vulnerable to attack because they use system and /tmp in unsafe manners SuSE and Caldera A mkdir of the right pa...
дырка в Helix GNOME Updater
Некорректная работа с временными файлами помещаются во временную директорию, не проверяется принадлежность директории...
Helix Code Security Advisory - Helix GNOME Update
HELIX CODE, INC. SECURITY ADVISORY [email protected] Issue Date: 20 Aug 2000 PACKAGES AFFECTED: Helix GNOME Updater helix-update, versions 0.1 through 0.5 SYNOPSIS: A vulnerability in Helix GNOME Update allow non-root users to exploit world-writable permissions on /tmp, permitting arbitraril...