15 matches found
EUVD-2008-1300
Malware in sbrugna...
Fedora: Security Advisory (FEDORA-2024-04ba1ff731)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2064-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2064-1] ldm security update
Package : ldm Version : 2:2.2.15-2+deb8u1 CVE ID : CVE-2019-20373 Debian Bug : 948538 It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation. For...
Debian DSA-4601-1 : ldm - security update
It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project, incorrectly parsed responses from an SSH server, which could result in local root privilege escalation. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
[SECURITY] Fedora 26 Update: freeradius-3.0.15-1.fc26
The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...
apache22 -- several vulnerabilities
Apache HTTP SERVER PROJECT reports: low: XSS in modnegotiation when untrusted uploads are supported CVE-2012-2687 Possible XSS for sites which use modnegotiation and allow untrusted uploads to locations which have MultiViews enabled. low: insecure LDLIBRARYPATH handling CVE-2012-0883 This issue w...
Fedora Update for keepalived FEDORA-2012-12377
Check for the Version of keepalived OpenVAS Vulnerability Test Fedora Update for keepalived FEDORA-2012-12377 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
GLSA-200805-07 : Linux Terminal Server Project: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200805-07 Linux Terminal Server Project: Multiple vulnerabilities LTSP version 4.2, ships prebuilt copies of programs such as the Linux Kernel, the X.org X11 server GLSA 200705-06, GLSA 200710-16, GLSA 200801-09, libpng GLSA...
Linux Terminal Server Project: Multiple vulnerabilities
Background The Linux Terminal Server Project adds thin-client support to Linux servers. Description LTSP version 4.2, ships prebuilt copies of programs such as the Linux Kernel, the X.org X11 server GLSA 200705-06, GLSA 200710-16, GLSA 200801-09, libpng GLSA 200705-24, GLSA 200711-08, Freetype GL...
Debian DSA-1561-1 : ldm - programming error
Christian Herzog discovered that within the Linux Terminal Server Project, it was possible to connect to X on any LTSP client from any host on the network, making client windows and keystrokes visible to that host. NOTE: most ldm installs are likely to be in a chroot environment exported over NFS...
CVE-2008-1293
ldm in Linux Terminal Server Project LTSP 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 aka display :6...
Code injection
ldm in Linux Terminal Server Project LTSP 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 aka display :6...
CVE-2008-1293
The CVE-2008-1293 entry describes a vulnerability in LTSP’s ldm where -ac is passed to the X server on LTSP clients, enabling a remote attacker to connect to the client X display (display :6, TCP port 6006) and potentially observe/record keystrokes. Connected advisories (Ubuntu USN-610-1, Debian ...
CVE-2008-1293
ldm in Linux Terminal Server Project LTSP 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 aka display :6...