CVE-2005-0070

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files...

Debian DSA-681-1 : synaesthesia - privilege escalation

Erik Sjolund and Devin Carraway discovered that synaesthesia, a program for representing sounds visually, accesses user-controlled configuration and mixer files with elevated privileges. Thus, it is possible to read arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] [DSA 681-1] New synaesthesia packages fix unauthorised file access

-------------------------------------------------------------------------- Debian Security Advisory DSA 681-1 [email protected] http://www.debian.org/security/ Martin Schulze February 14th, 2005 http://www.debian.org/security/faq -...

CVE-2004-0160

Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file...

CVE-2004-0160

Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file...

[Full-Disclosure] [SECURITY] [DSA 446-1] New synaesthesia packages fix insecure file creation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 446-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 21st, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 446-1] New synaesthesia packages fix insecure file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 446-1 [email protected] http://www.debian.org/security/ Matt Zimmerman February 21st, 2004 http://www.debian.org/security/faq -...

DSA-446 synaesthesia - insecure file creation

Bulletin has no description...