OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2...

[Full-disclosure] Re: rPSA-2006-0122-1 kernel

Justin M. Forbes wrote: Description: Previous versions of the kernel package are vulnerable to two denial of service attacks. The first allows any local user to fill up file systems by causing core dumps to write to directories to which they do not have write access permissions. The second applie...

SUSE-SA:2005:064: pwdutils, shadow

The remote host is missing the patch for the advisory SUSE-SA:2005:064 pwdutils, shadow. Thomas Gerisch found that the setuid 'chfn' program contained in the pwdutils suite insufficiently checks it's arguments when changing the GECOS field. This bug leads to a trivially exploitable local privileg...