7 matches found
CVE-2005-0072
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...
DSA-655-1 zhcon - missing privilege release
Bulletin has no description...
MDKSA-2005:012 - Updated zhcon packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: zhcon Advisory ID: MDKSA-2005:012 Date: January 24th, 2005 Affected versions: 10.0, 10.1 Problem Description: Erik Sjolund discovered that zhcon accesses a user-controlled configuration file with...
Debian DSA-655-1 : zhcon - missing privilege release
Erik Sjolund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
CVE-2005-0072
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...
CVE-2005-0072
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...
CVE-2005-0072
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files...