Debian Security Advisories

Here you'll find the latest security advisories from Debian. Our database currently contains 3782 Debian security advisories.

New Linux 2.4.17 source code and MIPS kernel images fix several vulnerabilities | DSA 332-1 | June 27, 2003
A number of vulnerabilities have been discovered in the Linux kernel.
» CVE-2002-0429 Low: The iBCS routines in arch/i386/kernel/ (0.00)

New acm packages fix integer overflow | DSA 333-1 | June 27, 2003
acm, a multi-player aerial combat simulation, uses a network protocol based on the same RPC implementation used in many C libraries. This implementation was found to contain an integer overflow vulner
» CVE-2002-0391 Low: Integer overflow in xdr_array function (0.00)

New tcptraceroute packages fix failure to drop root privileges | DSA 330-1 | June 23, 2003
tcptraceroute is a setuid-root program which drops root privileges after obtaining a file descriptor used for raw packet capture. However, it did not fully relinquish all privileges, and in the event

New osh packages fix buffer overflows | DSA 329-1 | June 20, 2003
Steve Kemp discovered that osh, a shell intended to restrict the actions of the user, contains two buffer overflows, in processing environment variables and file redirections. These vulnerabilities co

New orville-write packages fix buffer overflows | DSA 326-1 | June 19, 2003
Orville Write, a replacement for the standard write(1) command, contains a number of buffer overflows. These could be exploited to gain either gid tty or root privileges, depending on the configuratio

New xbl packages fix buffer overflows | DSA 327-1 | June 19, 2003
Steve Kemp discovered several buffer overflows in xbl, a game, which can be triggered by long command line arguments. This vulnerability could be exploited by a local attacker to gain gid 'games'.

New webfs packages fix buffer overflow | DSA 328-1 | June 19, 2003

New ethereal packages fix multiple vulnerabilities | DSA 324-1 | June 18, 2003
Several of the packet dissectors in ethereal contain string handling bugs which could be exploited using a maliciously crafted packet to cause ethereal to consume excessive amounts of memory, crash, o

New jnethack packages fix buffer overflow, incorrect permissions | DSA 316-3 | June 17, 2003
The jnethack package is vulnerable to a buffer overflow exploited via a long '-s' command line option. This vulnerability could be used by an attacker to gain gid 'games' on a system where jnethack is

New typespeed packages fix buffer overflow | DSA 322-1 | June 16, 2003
Typespeed is a game which challenges the player to type words correctly and quickly. It contains a network play mode which allows players on different systems to play competitively. The network code c

New noweb packages fix insecure temporary file creation | DSA 323-1 | June 16, 2003
Jakob Lell discovered a bug in the 'noroff' script included in noweb whereby a temporary file was created insecurely. During a review, several other instances of this problem were found and fixed. An

New mikmod packages fix buffer overflow | DSA 320-1 | June 13, 2003
Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.

New radiusd-cistron packages fix buffer overflow | DSA 321-1 | June 13, 2003
radiusd-cistron contains a bug allowing a buffer overflow when a long NAS-Port attribute is received. This could allow a remote attacker to execute arbitrary code with the privileges of the RAD

New lyskom-server packages fix denial of service | DSA 318-1 | June 12, 2003
Calle Dybedahl discovered a bug in lyskom-server which could result in a denial of service where an unauthenticated user could cause the server to become unresponsive as it processes a large query.

New webmin packages fix remote session ID spoofing | DSA 319-1 | June 12, 2003
miniserv.pl in the webmin package does not properly handle metacharacters, such as line feeds and carriage returns, in Base64-encoded strings used in Basic authentication. This vulnerability allows

New ethereal packages fix buffer overflows, integer overflows | DSA 313-1 | June 11, 2003
Timo Sirainen discovered several vulnerabilities in ethereal, a network traffic analyzer. These include one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, S

New atftp packages fix buffer overflow | DSA 314-1 | June 11, 2003
Rick Patel discovered that atftpd is vulnerable to a buffer overflow when a long filename is sent to the server. An attacker could exploit this bug remotely to execute arbitrary code on the server.

New gnocatan packages fix buffer overflows, denial of service | DSA 315-1 | June 11, 2003

New nethack packages fix buffer overflow, incorrect permissions | DSA 316-1 | June 11, 2003
The nethack package is vulnerable to a buffer overflow exploited via a long '-s' command line option. This vulnerability could be used by an attacker to gain gid 'games' on a system where nethack is i

New slashem packages fix buffer overflow | DSA 316-2 | June 11, 2003
The slashem package is vulnerable to a buffer overflow exploited via a long '-s' command line option. This vulnerability could be used by an attacker to gain gid 'games' on a system where slashem is i

New cupsys packages fix denial of service | DSA 317-1 | June 11, 2003
The CUPS print server in Debian is vulnerable to a denial of service when an HTTP request is received without being properly terminated.

New powerpc kernel fixes several vulnerabilities | DSA 312-1 | June 09, 2003
A number of vulnerabilities have been discovered in the Linux kernel.
» CVE-2002-0429 Low: The iBCS routines in arch/i386/kernel/ (0.00)

New kernel packages fix several vulnerabilities | DSA 311-1 | June 08, 2003
A number of vulnerabilities have been discovered in the Linux kernel.
» CVE-2002-0429 Low: The iBCS routines in arch/i386/kernel/ (0.00)

New xaos packages fix improper setuid-root execution | DSA 310-1 | June 08, 2003
XaoS, a program for displaying fractal images, is installed setuid root on certain architectures in order to use svgalib, which requires access to the video hardware. However, it is not designed for s

New gzip packages fix insecure temporary file creation | DSA 308-1 | June 06, 2003
Paul Szabo discovered that znew, a script included in the gzip package, creates its temporary files without taking precautions to avoid a symlink attack (CAN-2003-0367).
» CVE-1999-1332 Low: gzexe in the gzip package on Red Hat L (0.00)
