EUVD-2005-0073

Malware in sbrugna...

FreeBSD Ports: zhcon, zh-zhcon

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: zhcon, zh-zhcon

The remote host is missing an update to the system as announced in the referenced advisory. VID d371b627-6ed5-11d9-bd18-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian Security Advisory DSA 655-1 (zhcon)

The remote host is missing an update to zhcon announced via advisory DSA 655-1. OpenVAS Vulnerability Test $Id: deb6551.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 655-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-655-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2007-2835

Multiple stack-based buffer overflows in 1 CCEpinyin.c and 2 xlpinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable...

CVE-2007-2835

Multiple stack-based buffer overflows in 1 CCEpinyin.c and 2 xlpinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable...

CVE-2007-2835

This CVE-2007-2835 affects unicon-imc2 3.0.4 (ImmModules/cce/; CCE_pinyin.c and xl_pinyin.c) where multiple stack-based buffer overflows can be triggered by a long HOME environment variable, allowing local users to gain privileges. The vulnerability is local and involves improper handling of envi...

FreeBSD : zhcon -- unauthorized file access (d371b627-6ed5-11d9-bd18-000a95bc6fae)

Martin Joey Schulze reports : Erik Sjound discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files. When installed from the FreeBSD Ports Collection, zhcon is...

CVE-2005-0072

CVE-2005-0072 affects zhcon prior to version 0.2, where the process does not drop privileges before reading a user configuration file, enabling a local user to read arbitrary files. Public sources corroborate a local-privilege issue with zhcon installed via FreeBSD ports and Debian packages. Debi...

CVE-2005-0072

zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...

CVE-2005-0072

zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...

[SECURITY] [DSA 655-1] New zhcon packages fix unauthorised file access

-------------------------------------------------------------------------- Debian Security Advisory DSA 655-1 [email protected] http://www.debian.org/security/ Martin Schulze January 25th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 655-1] New zhcon packages fix unauthorised file access

-------------------------------------------------------------------------- Debian Security Advisory DSA 655-1 [email protected] http://www.debian.org/security/ Martin Schulze January 25th, 2005 http://www.debian.org/security/faq -...

Mandrake Linux Security Advisory : zhcon (MDKSA-2005:012)

Erik Sjolund discovered that zhcon accesses a user-controlled configuration file with elevated privileges which could make it possible to read arbitrary files. The updated packages have been patched to prevent these problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

DSA-655-1 zhcon - missing privilege release

Bulletin has no description...

zhcon privilege escalation

Configuration file is accesses with escalated privileges...

MDKSA-2005:012 - Updated zhcon packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: zhcon Advisory ID: MDKSA-2005:012 Date: January 24th, 2005 Affected versions: 10.0, 10.1 Problem Description: Erik Sjolund discovered that zhcon accesses a user-controlled configuration file with...

Debian DSA-655-1 : zhcon - missing privilege release

Erik Sjolund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

zhcon -- unauthorized file access

Martin Joey Schulze reports: Erik Sjöund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files. When installed from the FreeBSD Ports Collection, zhcon is...