Debian DSA-949-1 : crawl - insecure program execution

Steve Kemp from the Debian Security Audit project discovered a security related problem in crawl, another console based dungeon exploration game in the vein of nethack and rogue. The program executes commands insecurely when saving or loading games which can allow local attackers to gain group...

Debian DSA-1021-1 : netpbm-free - insecure program execution

Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files...

CVE-2006-0045

crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges...

[SECURITY] [DSA 949-1] New crawl packages fix potential group games execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 949-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2006 http://www.debian.org/security/faq -...

ISSalert: Internet Security Systems Security Advisory: Insecure call of external program in AIX cdmount

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...