85 matches found
Design/Logic Flaw
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/mounted-map or 2 /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-roo...
CVE-2008-5135
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/mounted-map or 2 /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-roo...
Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2006:056)
Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have...
VMware Workstation 4.0.1 (for Linux systems) vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Description - ----------- The following products have a vulnerability that can allow a non-root user of the host system to delete files. VMware Workstation 4.0.1 for Linux systems build 5289 and earlier releases Details/Impact - -------------- By...
Helix Code Security Advisory - Helix GNOME Update
HELIX CODE, INC. SECURITY ADVISORY [email protected] Issue Date: 20 Aug 2000 PACKAGES AFFECTED: Helix GNOME Updater helix-update, versions 0.1 through 0.5 SYNOPSIS: A vulnerability in Helix GNOME Update allow non-root users to exploit world-writable permissions on /tmp, permitting arbitraril...