CVE-1999-0319

Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting...

EUVD-1999-0318

Malware in sbrugna...

EUVD-2001-1100

Malware in sbrugna...

EUVD-1999-0319

Malware in sbrugna...

EUVD-2008-4973

Malware in sbrugna...

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable...

SuSE9 Security Update : permissions and filesystem (YOU Patch Number 10539)

It is technically impossible to change permissions files in of world writeable directories that don't have the sticky bit set in a secure way. This update therefore removes /var/lib/xmcd/discog from /etc/permissions. Furthermore permissions handling of files below /var/games is removed. To be abl...

SuSE9 Security Update : permissions (YOU Patch Number 10815)

It is technically impossible to change permissions files in of world writeable directories that don't have the sticky bit set in a secure way. This update therefore removes /var/lib/xmcd/discog from /etc/permissions. Furthermore permissions handling of files below /var/games is removed. To be abl...

Debian xmcd不安全临时文件建立漏洞

BUGTRAQ ID: 32288 CVE ID：CVE-2008-4994 CNCVE ID：CNCVE-20084994 Debian是一款linux发行版本。 Debian 'xmcd'不安全建立临时文件，本地攻击者可以利用漏洞破坏系统文件，造成拒绝服务攻击。 问题是在/tmp目录中不安全建立临时文件，通过符号链接可以用户进程权限覆盖目标系统文件，造成拒绝服务，也可能导致特权提升。 Debian xmcd 2.6 -19.3 升级到最新版本： http://packages.debian.org/lenny/xmcd...

CVE-2008-4994

The 1 ncsarmt and 2 ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.pid temporary file...

Arbitrary file deletion

The 1 ncsarmt and 2 ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.pid temporary file...

CVE-2008-4994

The CVE-2008-4994 entry concerns the xmcd 2.6 package where the (1) ncsarmt and (2) ncsawrap scripts can be exploited by a local attacker to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid file. This vulnerability arises from insecure temporary file handling in xmcd component...

CVE-2008-4994

The 1 ncsarmt and 2 ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.pid temporary file...

Debian Security Advisory DSA 1086-1 (xmcd)

The remote host is missing an update to xmcd announced via advisory DSA 1086-1. The xmcdconfig creates directories world-writeable allowing local users to fill the /usr and /var partition and hence cause a denial of service. This problem has been half-fixed since version 2.3-1. For the old stable...

Debian: Security Advisory (DSA-1086-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1086-1 : xmcd - design flaw

The xmcdconfig creates directories world-writeable allowing local users to fill the /usr and /var partition and hence cause a denial of service. This problem has been half-fixed since version 2.3-1. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

[SECURITY] [DSA 1086-1] New xmcd packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1086-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2006 http://www.debian.org/security/faq -...

[Full-disclosure] [SECURITY] [DSA 1086-1] New xmcd packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1086-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2006 http://www.debian.org/security/faq -...

Weak xmcd security permissions

xmcdconfig creates workd-writable file allowing DoS attacks to fill file system...

CVE-2006-2542

CVE-2006-2542 affects xmcd (Debian xmcd package). The xmcdconfig script creates /var/lib/cddb and /var/lib/xmcd/discog with world-writable permissions, enabling local users to consume disk space and cause a denial of service. Debian/DSA-1086-1 and related advisories document the fix via updated x...