| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 1303 | 2000-04-28 | Gnomelib on SuSE Linux DISPLAY Variable Local Overflow | (Description Provided by CVE) : Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. |
| 32083 | 2007-02-19 | GnomeMeeting gnomemeeting_log_insert name Variable Format String | (Description Provided by CVE) : Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function. |
| 31043 | 2006-05-30 | gnopaste includes/common.php root_path Parameter Remote File Inclusion | (Description Provided by CVE) : PHP remote file inclusion vulnerability in includes/common.php in gnopaste 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. |
| 33616 | 2007-01-29 | gnopaste index.php GNP_REAL_PATH Parameter Remote File Inclusion | (Description Provided by CVE) : ** DISPUTED ** PHP remote file inclusion vulnerability in index.php in gnopaste 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the GNP_REAL_PATH parameter. NOTE: CVE and a third party dispute this issue, since GNP_REAL_PATH is a constant, not a variable. |
| 1593 | 2000-10-02 | GnoRPM Symlink Arbitrary File Overwrite | (Description Provided by CVE) : GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. |
| 31768 | 2006-12-05 | GNotebooks Plugin Gnotebook.txt Permission Weakness Local Information Disclosure | (Description Provided by CVE) : The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file. |
| 9176 | 2004-08-24 | GNU a2ps File Name Shell Command Execution | GNU a2ps contains a flaw that may allow a malicious user to execute arbitrary files. The issue is triggered when a user uses a wildcard in a2ps filenames from within a world writeable directory. It is possible that the flaw may allow arbitrary code execution, resulting in a loss of confidentiality and/or integrity. |
| 12844 | 2004-12-27 | GNU a2ps fixps Script Symlink Arbitrary File Overwrite | (Description Provided by CVE) : The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
| 12845 | 2004-12-27 | GNU a2ps psmandup Script Symlink Arbitrary File Overwrite | (Description Provided by CVE) : The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
| 49560 | 2008-09-11 | GNU adns DNS Query Transaction ID Prediction DNS Response Spoofing | (Description Provided by CVE) : GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the product's intended role in a trusted environment. |
| 6732 | 2004-02-28 | GNU Anubis auth.c auth_ident() Function Overflow | (Description Provided by CVE) : Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. |
| 4100 | 2004-02-28 | GNU Anubis Multiple Format String | (Description Provided by CVE) : Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c. |
| 16429 | 2003-08-19 | GNU as Command Line Overflow | Unknown / Incomplete |
| 4159 | 2004-03-09 | GNU Automake Insecure Temporary Directory Creation | Unknown / Incomplete |
| 61210 | 2009-12-08 | GNU Automake make dist / distcheck distdir Target Permission Weakness Race Condition Local Privilege Escalation | (Description Provided by CVE) : The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete. |
| 27960 | 2006-08-17 | GNU Binutils Assembler as_bad() Function Local Overflow | A vulnerability which affects the as_bad() function of the GNU Binutils Assembler can be exploited by tricking a user into assembling a specially crafted source file. Successful exploitation can execute arbitrary code under the context of the logged on user. |
| 29482 | 2005-07-14 | GNU Binutils config/tc-crx.c reset_vars Variable Overflow | (Description Provided by CVE) : Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. |
| 25711 | 2006-04-18 | GNU Binutils libbfd Malformed TekHex Record Processing Overflow | (Description Provided by CVE) : Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. |
| 78316 | 2011-05-05 | GNU C Library (glibc) Multiple Function EMFILE Error Handling Remote DoS | (Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. |
| 61791 | 2009-12-10 | GNU C Library / Embedded GLIBC nis/nss_nis/nis-pwd.c getpwnam Function NIS Account Password Disclosure | (Description Provided by CVE) : nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. |
| 74883 | 2011-03-03 | GNU C Library addmntent Function mtab Write RLIMIT_FSIZE Value Handling Local DoS | (Description Provided by CVE) : The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. |
| 68721 | 2010-10-18 | GNU C Library Dynamic Linker $ORIGIN Substitution Expansion Weakness Local Privilege Escalation | The weakness is caused due to dynamic linker expanding the "$ORIGIN" substitution for privileged applications, which can be exploited to gain escalated privileges by e.g. hard linking to a setuid application and forcing the expansion of "$ORIGIN" via "LD_AUDIT". |
| 68920 | 2010-10-22 | GNU C Library Dynamic Linker LD_AUDIT non-setuid Library Loading Issue | GNU C Library contains a flaw related to 'ld.so' failing to properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects as audit objects. This may allow a local attacker to gain elevated privileges via an unsafe DSO located in a trusted library directory. |
| 72796 | 2011-02-24 | GNU C Library fnmatch() Function UTF8 String Handling Stack Corruption | A memory corruption flaw exists in glibc. fnmatch() fails to sanitize user-supplied UTF8 strings resulting in memory corruption, allowing a context-dependent attacker to execute arbitrary code. |
| 75261 | 2011-05-11 | GNU C Library ld.so $ORIGIN Dynamic String Token RPATH Local Privilege Escalation | (Description Provided by CVE) : ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program. |
| 65077 | 2010-05-02 | GNU C Library ld.so elf/dynamic-link.h elf_get_dynamic_info Crafted ELF Program Arbitrary Code Execution | (Description Provided by CVE) : Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header. |
| 74278 | 2009-10-26 | GNU C Library ldd LD_TRACE_LOADED_OBJECTS Check Modified Executable Loader Local Privilege Escalation | (Description Provided by CVE) : ** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc." |
| 73407 | 2010-11-15 | GNU C Library locale/programs/locale.c Output Quoting Localization Environment Variable Local Privilege Escalation | (Description Provided by CVE) : locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function. |
| 65078 | 2010-04-22 | GNU C Library misc/mntent_r.c encode_name Macro Crafted Mount Request Local DoS | (Description Provided by CVE) : The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. |
| 72100 | 2011-04-08 | GNU C Library posix/fnmatch.c fnmatch() Function Overflow DoS | (Description Provided by CVE) : Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. |