Section: .. / advisories / debian /
| /// File Name: |
dsa-1017-1.txt |
Description:
|
Debian Security Advisory DSA 1017-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 69712 | | Last Modified: | Apr 5 00:15:43 2006 |
| MD5 Checksum: | cdb76f5f9eff9a3337e81651d36d8915 |
|
| /// File Name: |
dsa-1018-1.txt |
Description:
|
Debian Security Advisory DSA 1018-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 49961 | | Last Modified: | Apr 5 00:17:51 2006 |
| MD5 Checksum: | 37e753b6ecf40ba0e936845a971ad588 |
|
| /// File Name: |
debian.X.txt |
Description:
|
Debian Security Advisory DSA-030-1 - XFree86 3.3.6 contains local vulnerabilities - Upgrade to a patched version of 3.3.6.
| | Homepage: | http://www.debian.org/security | | File Size: | 26933 | | Last Modified: | Feb 14 08:15:31 2001 |
| MD5 Checksum: | bad13e6d42c27cfa14c8a38990de5a28 |
|
| /// File Name: |
dsa-1019-1.txt |
Description:
|
Debian Security Advisory DSA 1019-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite, which is also present in koffice, the KDE Office Suite.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 24859 | | Last Modified: | Apr 5 00:16:12 2006 |
| MD5 Checksum: | 69e7226c576237551049f0fc32bf37ed |
|
| /// File Name: |
debian.php3.txt |
Description:
|
Debian Security Advisory - In versions of the PHP 3 packages before version 3.0.17, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server, particularly if error logging was enabled.
| | Homepage: | http://www.debian.org/security | | File Size: | 23477 | | Last Modified: | Oct 15 21:26:43 2000 |
| MD5 Checksum: | 18253553df53dfe8b1817fbb1267eb33 |
|
| /// File Name: |
debian.php4-dos.txt |
Description:
|
Debian Security Advisory DSA-020-1 - A vulnerability has been found in PHP4 v4.0.4 and below which crashes PHP and sends the source to the client instead of executing it.
| | Homepage: | http://www.debian.org/security | | File Size: | 18270 | | Last Modified: | Jan 26 09:00:26 2001 |
| MD5 Checksum: | a119652d3773c86351c778714a10c380 |
|
| /// File Name: |
DSA-168-1 |
Description:
|
Debian security advisory DSA 168-1 - Debian released new PHP packages that fix newline character injection in several PHP functions. Additionally, these packages correct a bug in PHP that allows a safe_mode restriction to be bypassed.
| | Homepage: | http://www.debian.org/security/ | | File Size: | 18239 | | Last Modified: | Sep 20 11:37:25 2002 |
| MD5 Checksum: | 9c57f408ce3277629fe1cb49c1438647 |
|
| /// File Name: |
dsa-1015-1.txt |
Description:
|
Debian Security Advisory DSA 1015-1 - Mark Dowd discovered a flaw in the handling of asynchronous signals in sendmail, a powerful, efficient, and scalable mail transport agent. This may allow a remote attacker to exploit a race condition to execute arbitrary code as root.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 18217 | | Last Modified: | Mar 31 12:13:30 2006 |
| MD5 Checksum: | 445b8a7a92fe45f0b360bc2d124c701c |
|
| /// File Name: |
debian.php4.txt |
Description:
|
Debian Security Advisory - In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server.
| | Homepage: | http://www.debian.org/security | | File Size: | 17412 | | Last Modified: | Oct 15 21:28:56 2000 |
| MD5 Checksum: | 2283301130af7e6d0a0b53bf93cb998c |
|
| /// File Name: |
debian.kernel.txt |
Description:
|
Debian Security Advisory DSA-047-1 - The kernels used in Debian GNU/Linux 2.2 have been found to have a dozen security problems. Upgrade to 2.2.19!
| | Homepage: | http://www.debian.org/security | | File Size: | 12068 | | Last Modified: | Apr 17 03:03:17 2001 |
| MD5 Checksum: | def0b294fedf656925d71fa76f3aab2c |
|
| /// File Name: |
dsa-1016-1.txt |
Description:
|
Debian Security Advisory DSA 1016-1 - Ulf Härnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 11782 | | Last Modified: | Apr 5 00:15:13 2006 |
| MD5 Checksum: | 7aaa4ec433e22eb804294433aee764aa |
|
| /// File Name: |
debian.glibc-overwrite.txt |
Description:
|
Debian Security Advisory DSA-039-1 - The version of GNU libc that was distributed with Debian GNU/Linux 2.2 suffered from 2 security problems - It was possible to use LD_PRELOAD to load libraries that are listed in /etc/ld.so.cache, even for suid programs, allowing users to create and overwrite files which they should not be able to. In addition, by using LD_PROFILE suid programs would write data to a file in /var/tmp, which was not done safely. Both problems have been fixed in version 2.1.3-17 and we recommend that you upgrade your glibc packages immediately.
| | Homepage: | http://www.debian.org/security | | File Size: | 10082 | | Last Modified: | Mar 14 03:45:13 2001 |
| MD5 Checksum: | d0fdc8d182392ec39f7cea8e028c33c8 |
|
| /// File Name: |
debian.xemacs.txt |
Description:
|
Debian Security Advisory DSA-042-1 - Gnuserv, a remote control facility for Emacsen which is available as a standalone program as well as included in XEmacs21, has a buffer overflow which can be exploited to make the cookie comparison always succeed.
| | Homepage: | http://www.debian.org/security | | File Size: | 8652 | | Last Modified: | Mar 15 23:57:39 2001 |
| MD5 Checksum: | a895bc2064bcdf6c3fabf251ccf82017 |
|
| /// File Name: |
debian.gaim.txt |
Description:
|
Debian Security Advisory 158-1 - Gaim uses URLs retrieved from messages in command-line execution of the web browser without filtering these URLs first. This issue has been fixed by the Gaim developers in version 0.59.1.
| | Homepage: | http://www.debian.org/security/ | | File Size: | 8551 | | Last Modified: | Aug 28 06:10:44 2002 |
| MD5 Checksum: | 00a491c02a913d2f8d050e08d75f4389 |
|
| /// File Name: |
debian.sendmail.txt |
Description:
|
The version of sendmail and sendmail-wide that was distributed with Debian GNU/Linux 2.1 has a slight problem in the code to regenerate the aliases database. Sendmail allowed any user to run sendmail with the -bi option to (re)initialize the aliases database. The user could then interrupt sendmail and leave the system with a broken aliases database. This has been fixed in version 8.9.3-3slink1 by only allowing root and trusted users to regenerate the aliases database. Debian security homepage here.
| | File Size: | 8204 | | Last Modified: | Dec 7 18:15:17 1999 |
| MD5 Checksum: | d724290163864d34d014fa8e4be217fc |
|
| /// File Name: |
debian.cupsys.txt |
Description:
|
Debian Security Advisory - CUPS allows remote users to abuse print services.
| | Homepage: | http://www.debian.org/security | | File Size: | 7917 | | Last Modified: | Nov 21 02:00:50 2000 |
| MD5 Checksum: | bd97619b8a79fb7145543b113e82d844 |
|
| /// File Name: |
debian.samba.txt |
Description:
|
Debian Security Advisory DSA-048-1 - Samba does not use temp files correctly, allowing local attackers to trick samba into overwriting arbitrary files. Both problems have been fixed in version 2.0.7-3.2.
| | Homepage: | http://www.debian.org/security | | File Size: | 7465 | | Last Modified: | Apr 19 23:45:08 2001 |
| MD5 Checksum: | 0c27853b96d028c8492f08fb1cfea918 |
|
| /// File Name: |
debian.ncurses.txt |
Description:
|
Debian Security Advisory - The version of the ncurses display library shipped with Debian GNU/Linux 2.2 is vulnerable to several buffer overflows in the parsing of terminfo database files. The problems are only exploitable in the presence of setuid binaries linked to ncurses which use these particular functions, including xmcd versions before 2.5pl1-7.1.
| | Homepage: | http://www.debian.org/security | | File Size: | 7266 | | Last Modified: | Nov 26 02:51:06 2000 |
| MD5 Checksum: | ffb4a5ae5913af306bf296cf5dbee114 |
|
| /// File Name: |
debian.dhcp.txt |
Description:
|
Debian Security Advisory - The versions of the ISC DHCP client in Debian 2.1 are vulnerable to a root exploit. A previous Debian security advisory addressed this issue with package versions 2.0b1pl6-0.3 and 2.0-3potato1, but ISC has released a newer patch since the original advisory. You should install the latest packages even if you upgraded when the last advisory was released.
| | Homepage: | http://www.debian.org/security | | File Size: | 7190 | | Last Modified: | Jul 28 20:32:21 2000 |
| MD5 Checksum: | 95e1ed9433a62ac57ffa2f3eef8a72ff |
|
| /// File Name: |
debian.netscape.txt |
Description:
|
Debian Security Advisory DSA 051-1 - The Netscape browser does not escape the GIF file comment in the image information page. This allows javascript execution in the "about:" protocol and can for example be used to upload the History (about:global) to a webserver, thus leaking private information. This problem has been fixed upstream in Netscape 4.77.
| | Homepage: | http://www.debian.org/security | | File Size: | 6564 | | Last Modified: | Apr 25 02:42:35 2001 |
| MD5 Checksum: | 984c52b183d287162a14a8af92a5cc7d |
|
| /// File Name: |
debian.inn2.txt |
Description:
|
Debian Security Advisory DSA-023-1 - Inn2 uses insecure tempfiles in several places.
| | Homepage: | http://www.debian.org/security | | File Size: | 6443 | | Last Modified: | Jan 31 21:33:23 2001 |
| MD5 Checksum: | fdb23f19eb7bd020b0fb21bccc662b4e |
|
| /// File Name: |
debian.bind2.txt |
Description:
|
Debian Security Advisory DSA-026-1 - BIND 8 suffered from several buffer overflows which affect Debian distributions. It is possible to construct an inverse query that allows the stack to be read remotely exposing environment variables.
| | Homepage: | http://www.debian.org/security | | File Size: | 6067 | | Last Modified: | Feb 1 00:28:03 2001 |
| MD5 Checksum: | 2bf9801181e5a8a74736438a87c6d756 |
|
| /// File Name: |
debian.apache.txt |
Description:
|
Debian Security Advisory DSA-021-1 - The mod_rewrite module for Apache has a remote vulnerability which may allow a remote attacker to gain access to arbitrary files. Users of the mod_rewrite module are advised to upgrade. In addition, htdigest and htpasswd use tempfiles insecurely. Since they are not setuid, impact is minimal.
| | Homepage: | http://www.debian.org/security | | File Size: | 5806 | | Last Modified: | Jan 27 08:00:39 2001 |
| MD5 Checksum: | 077ed523f7eb1d0e211fd199c015a301 |
|
| /// File Name: |
debian.xchat.txt |
Description:
|
Debian Linux Security Advisories - The version of X-Chat that was distributed with Debian GNU/Linux 2.2 has a vulnerability in the URL handling code: when a user clicks on a URL, X-Chat will start netscape to view its target. However, it did not check the URL for shell metacharacters, and this could be abused to trick xchat into executing arbitrary commands. This has been fixed in version 1.4.3-0.1, and we recommend you upgrade your xchat package(s) immediately.
| | Homepage: | http://www.debian.org/security/ | | File Size: | 5779 | | Last Modified: | Aug 30 23:51:36 2000 |
| MD5 Checksum: | b218e3f1f14c5305850f41f6073e130b |
|
| /// File Name: |
debian.squid.txt |
Description:
|
Debian Security Advisory DSA-019-1 - A tempfile bug has been found in Squid v2.3stable4 when it sends out email messages about updates.
| | Homepage: | http://www.debian.org/security | | File Size: | 5723 | | Last Modified: | Jan 26 08:57:10 2001 |
| MD5 Checksum: | b2149c26559a825338d5a3791123baae |
|