4334 matches found
CVE-2005-4604
This CVE (CVE-2005-4604) concerns a buffer overflow in MTink within the printer-filters-utils package, exploitable via an overly long HOME environment variable. Affected component: mtink binary used by printer-filters-utils. Root cause: buffer overflow leading to arbitrary code execution by local...
CVE-2005-4604
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable...
Debian DSA-825-1 : loop-aes-utils - privilege escalation
David Watson discovered a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
Mandrake Linux Security Advisory : bluez-utils (MDKSA-2005:150)
A vulnerability in bluez-utils was discovered by Henryk Plotz. Due to missing input sanitizing, it was possible for an attacker to execute arbitrary commands supplied as a device name from the remote bluetooth device. The updated packages have been patched to correct this problem. %NASLMINLEVEL...
[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 825-1] New loop-aes-utils packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 825-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 823-1] New util-linux packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 823-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 823-1] New util-linux packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 823-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...
DTSA-9-1 bluez-utils - bad device name escaping
Bulletin has no description...
[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 782-1 [email protected] http://www.debian.org/security/ Martin Schulze August 23rd, 2005 http://www.debian.org/security/faq -...
DSA-782-1 bluez-utils - missing input sanitising
Bulletin has no description...
Debian DSA-782-1 : bluez-utils - missing input sanitising
Henryk Plotz discovered a vulnerability in bluez-utils, tools and daemons for Bluetooth. Due to missing input sanitising it is possible for an attacker to execute arbitrary commands supplied as device name from the remote device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
GLSA-200508-09 : bluez-utils: Bluetooth device name validation vulnerability
The remote host is affected by the vulnerability described in GLSA-200508-09 bluez-utils: Bluetooth device name validation vulnerability The name of a Bluetooth device is improperly validated by the hcid utility when a remote device attempts to pair itself with a computer. Impact : An attacker...
Slackware 8.1 / 9.0 / current : nfs-utils off-by-one overflow fixed (SSA:2003-195-01)
New nfs-utils packages are available for Slackware 8.1, 9.0, and -current to fix an off-by-one buffer overflow in xlog.c. Thanks to Janusz Niewiadomski for discovering and reporting this problem. The CVE Common Vulnerabilities and Exposures Project has assigned the identification number...
Slackware 8.1 / 9.0 / current : nfs-utils packages replaced (SSA:2003-195-01b)
New nfs-utils packages are available for Slackware 8.1, 9.0, and -current to replace the ones that were issued yesterday. A bug in has been fixed in utils/mountd/auth.c that could cause mountd to crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...
Ruby XML-RPC Remote Arbitrary Command Execution
The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...
Debian DSA-717-1 : lsh-utils - buffer overflow, typo
Several security relevant problems have been discovered in lsh, the alternative secure shell v2 SSH2 protocol server. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2003-0826 Bennett Todd discovered a heap buffer overflow in lshd which could lead...
DSA-717-1 lsh-utils - buffer overflow, typo
Bulletin has no description...
CVE-2004-1387
The checkforensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files...
MDKSA-2005:005 - Updated nfs-utils packages fix 64bit vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: nfs-utils Advisory ID: MDKSA-2005:005 Date: January 11th, 2005 Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1 Problem Description: Arjan van de Ven discovered a buffer overflow in rquotad ...