Thinking OPEN

Posts Tagged ‘debian_linux’

Debian Linux 4.0 and prior [Medium]

By Security Team • Oct 30th, 2007 • Category: Security Notifications

vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file….

CVE Identifier: CVE-2007-5718
Severity: Medium



Debian Linux 4.0 and prior [Medium]

By Security Team • Oct 28th, 2007 • Category: Security Notifications

(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm….

CVE Identifier: CVE-2007-3919
Severity: Medium



Debian Linux 4.1.2 and prior [Medium]

By Security Team • Oct 4th, 2007 • Category: Security Notifications

The default configuration for twiki 4.1.2 on Debian GNU/Linux, and possibly other operating systems, specifies the work area directory (cfg{RCS}{WorkAreaDir}) under the web document root, which might allow remote attackers to obtain sensitive information when .htaccess restrictions are not applied….

CVE Identifier: CVE-2007-5193
Severity: Medium



Debian Linux 4.0 and prior [Low]

By Security Team • Jul 3rd, 2007 • Category: Security Notifications

The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file….

CVE Identifier: CVE-2007-2837
Severity: Low



Debian Linux 4.0 and prior [High]

By Security Team • Jul 2nd, 2007 • Category: Security Notifications

The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file….

CVE Identifier: CVE-2007-2838
Severity: High



Debian Linux 3.0.4 and prior [Medium]

By Security Team • Jul 2nd, 2007 • Category: Security Notifications

Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable….

CVE Identifier: CVE-2007-2835
Severity: Medium



Debian Linux 2005-04-11 and prior [Medium]

By Security Team • Jun 26th, 2007 • Category: Security Notifications

Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service….

CVE Identifier: CVE-2007-1663
Severity: Medium



Debian Linux 2005-04-11 and prior [Medium]

By Security Team • Jun 26th, 2007 • Category: Security Notifications

ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality….

CVE Identifier: CVE-2007-1664
Severity: Medium



Debian Linux 2005-04-11 and prior [Medium]

By Security Team • Jun 26th, 2007 • Category: Security Notifications

Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service….

CVE Identifier: CVE-2007-1665
Severity: Medium



Debian Linux 4.0 and prior [Medium]

By Security Team • May 11th, 2007 • Category: Security Notifications

pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued….

CVE Identifier: CVE-2007-0244
Severity: Medium