32 matches found
EUVD-2000-0229
Malware in sbrugna...
EUVD-2004-2688
Malware in sbrugna...
EUVD-2000-1175
Malware in sbrugna...
Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...
Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...
IMWheel 1.0 Predictable Temporary File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11008/info IMWheel is reported prone to a predictable temporary file creation vulnerability. This issue is a race condition error and may allow a local attacker to carry out denial of service attacks against other users a...
Mandrake Linux Security Advisory : imwheel (MDKSA-2000:001)
A security bug was found in imwheel; the bug can be exploited to provide local users with root access. Version 0.9.8 fixes this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake Linux Security Advisory...
MDVA-2008:173 : imwheel
Under certain conditions, imwheel would enter an infinite loop and force the X server to consume a lot of CPU time, rendering the system unusable. This update fixes the issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix...
FreeBSD : imwheel -- insecure handling of PID file (e31d44a2-21e3-11d9-9289-000c41e2cdad)
A Computer Academic Underground advisory describes the consequences of imwheel's handling of the process ID file PID file : imwheel exclusively uses a predictably named PID file for management of multiple imwheel processes. A race condition exists when the -k command-line option is used to kill...
Mandriva Update for imwheel MDVA-2008:173 (imwheel)
Check for the Version of imwheel OpenVAS Vulnerability Test Mandriva Update for imwheel MDVA-2008:173 imwheel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Mandriva Update for imwheel MDVA-2008:173 (imwheel)
Check for the Version of imwheel OpenVAS Vulnerability Test Mandriva Update for imwheel MDVA-2008:173 imwheel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
FreeBSD Ports: imwheel
The remote host is missing an update to the system as announced in the referenced advisory. VID e31d44a2-21e3-11d9-9289-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: imwheel
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Halloween Linux imwheel 缓冲区溢出漏洞
在imwheel程序中没有检查"HOME"环境变量的长度,就将其复制到一个固定大小的buffer 中,导致可能发生缓冲区溢出。而在Halloween Linux Version 4中,有一个perl脚本 'imwheel-solo'被设置了suid root位,这个脚本调用了imwheel程序(以euid=0身份. 因此,攻击者可以利用这个漏洞来得到本地的root权限。 另外,存在一个任何人可写的pid文件,用户只要将要杀死的进程id写入这个文件中,就可 能欺骗imwheel-solo脚本,让它发送SIGTERM信号给该进程,导致该进程终止。 Halloween Linux Versio...
CVE-2004-2698
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service IMWheel crash and possibly modify arbitrary files via a symlink attack on the imwheel.pid file...
CVE-2004-2698
The CVE-2004-2698 entry concerns a race condition in IMWheel before or at 1.0.0pre11 when run with the -k option. This condition can allow a local attacker to cause a denial of service (IMWheel crash) and, via a symlink attack on the imwheel.pid file, potentially modify arbitrary files. The conne...
CVE-2004-2698
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service IMWheel crash and possibly modify arbitrary files via a symlink attack on the imwheel.pid file...
CVE-2004-2698
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service IMWheel crash and possibly modify arbitrary files via a symlink attack on the imwheel.pid file...
CVE-2004-2698
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service IMWheel crash and possibly modify arbitrary files via a symlink attack on the imwheel.pid file...
DEBIAN-CVE-2004-2698
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service IMWheel crash and possibly modify arbitrary files via a symlink attack on the imwheel.pid file...