6 matches found
CVE-2011-4613
CVE-2011-4613 affects the X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux, where flawed TTY verification lets access restrictions be bypassed because stdin is misinterpreted as the console TTY. This is a local vulnerability that could allow bypassing restrictions during X sta...
CVE-2008-4306
CVE-2008-4306 is a buffer overflow in GNU enscript prior to 1.6.4 (noted in multiple advisories). The vulnerability arises from the handling of special escapes (-e), specifically in the read_special_escape path, enabling potential arbitrary code execution when a crafted ASCII file is opened with ensc...
CVE-2008-2285
CVE-2008-2285 stems from ssh-vulnkey failing to recognize authorized_keys lines containing options, which links it to exploitation of CVE-2008-0166 via the weak OpenSSL PRNG. The underlying issue (CVE-2008-0166) is Debian/OpenSSL PRNG predictability caused by seeding with PID alone, drastically limiting...
CVE-2009-1601
CVE-2009-1601 is a vulnerability in the Ubuntu clamav-milter.init script: the clamav-milter package (before 0.95.1+dfsg-1ubuntu1.2 on Ubuntu 9.04) causes the current working directory to be owned by the clamav user, potentially letting local users bypass access restrictions via read/writ...
CVE-2009-1573
What is affected. xvfb-run 1.6.1 (Debian/Ubuntu/Fedora and possibly other OSes) has the flaw. The root cause described in the CVE context is that the X11 magic cookie (MCOOKIE) is exposed on the command line, which can be discovered by local users. Impact. Local privilege escalation by listing th...
CVE-2008-6792
CVE-2008-6792 affects system-tools-backends up to version 2.6.0-1ubuntu1.1 used by GNOME System Tools' Users and Groups. The root cause is the use of 3DES to hash passwords, which constrains password lengths to eight characters and facilitates context-dependent brute-force attempts. Affected envi...