Debian Security Advisories

Here you'll find the latest security advisories from Debian. Our database currently contains 3782 Debian security advisories.

New eterm packages fix buffer overflow | DSA 309-1 | June 06, 2003
"bazarr" discovered that eterm is vulnerable to a buffer overflow of the ETERMPATH environment variable. This bug can be exploited to gain the privileges of the group "utmp" on a system where eterm is

New eterm packages fix error introduced in DSA-309-1 | DSA 309-2 | June 06, 2003
A buffer overflow was fixed in DSA-309-1, but a different error was introduced in the handling of the ETERMPATH environment variable. This bug was not security-related, but would cause this environmen

New gps packages fix multiple vulnerabilities | DSA 307-1 | May 27, 2003
gPS is a graphical application to watch system processes. In release 1.1.0 of the gps package, several security vulnerabilities were fixed, as detailed in the changelog.

New BitchX packages fix DoS and arbitrary code execution | DSA 306-1 | May 19, 2003
Timo Sirainen discovered several problems in BitchX, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer

New lv packages fix local privilege escalation | DSA 304-1 | May 15, 2003
Leonard Stiles discovered that lv, a multilingual file viewer, would read options from a configuration file in the current directory. Because such a file could be placed there by a malicious user, and

New mysql packages fix multiple vulnerabilities | DSA 303-1 | May 15, 2003
Leonard Stiles discovered that lv, a multilingual file viewer, would read options from a configuration file in the current directory. Because such a file could be placed there by a malicious user, and

New sendmail packages fix insecure temporary file creation | DSA 305-1 | May 15, 2003
Paul Szabo discovered bugs in three scripts included in the sendmail package where temporary files were created insecurely (expn, checksendmail and doublebounce.pl). These bugs could allow an attacker

New Balsa packages fix buffer overflow | DSA 300-1 | May 06, 2003
Byrial Jensen discovered a couple of off-by-one buffer overflows in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. This code is imported in the Balsa

New leksbot packages fix improper setuid-root execution | DSA 299-1 | May 06, 2003
Maurice Massar discovered that, due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root. This program was not designed to run setuid, and contained multiple vuln

New libgtop packages fix buffer overflow | DSA 301-1 | May 06, 2003
The gtop daemon, used for monitoring remote machines, contains a buffer overflow which could be used by an attacker to execute arbitrary code with the privileges of the daemon process. If started as r

New EPIC4 packages fix DoS and arbitrary code execution | DSA 298-1 | May 02, 2003
Timo Sirainen discovered several problems in EPIC4, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer b

New snort packages fix remote root exploits | DSA 297-1 | May 01, 2003
Two vulnerabilities have been discovered in Snort, a popular network intrusion detection system. Snort comes with modules and plugins that perform a variety of functions such as protocol analysis.

New pptpd packages fix remote root exploit | DSA 295-1 | April 30, 2003
Timo Sirainen discovered a vulnerability in pptpd, a Point to Point Tunneling Server, which implements PPTP-over-IPSEC and is commonly used to create Virtual Private Networks (VPN). By specifying a sm

New kdebase packages fix arbitrary command execution | DSA 296-1 | April 30, 2003
The KDE team discovered a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files. An attacker could provide a malicious PostScript or PDF file via mail o

New mime-support packages really fix temporary file race conditions | DSA 292-3 | April 30, 2003
I am awfully and sincerely sorry. Apparently, I wasn't able to assign enough time to this issue and produced insufficiently tested updates. I'll do my best not to repeat this. This update fixes the s

New gkrellm-newsticker packages fix DoS and arbitrary command execution | DSA 294-1 | April 23, 2003
Brian Campbell discovered two security-related problems in gkrellm-newsticker, a plugin for the gkrellm system monitor program, which provides a news ticker from RDF feeds.

New ircII packages fix DoS and arbitrary code execution | DSA 291-1 | April 22, 2003
Timo Sirainen discovered several problems in ircII, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer b

New mime-support packages fix temporary file race conditions | DSA 292-1 | April 22, 2003
Colin Phipps discovered several problems in mime-support, that contains support programs for the MIME control files 'mime.types' and 'mailcap'. When a temporary file is to be used it is created insecu

New kdelibs packages fix arbitrary command execution | DSA 293-1 | April 22, 2003
The KDE team discovered a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files. An attacker could provide a malicious PostScript or PDF file via mail o

New sendmail-wide packages fix DoS and arbitrary code execution | DSA 290-1 | April 17, 2003
Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This

New OpenSSL packages fix decipher vulnerability | DSA 288-1 | April 17, 2003
Researchers discovered two flaws in OpenSSL, a Secure Socket Layer (SSL) library and related cryptographic tools. Applications that are linked against this library are generally vulnerable to attacks

New rinetd packages fix denial of service | DSA 289-1 | April 17, 2003
Sam Hocevar discovered a security problem in rinetd, an IP connection redirection server. When the connection list is full, rinetd resizes the list in order to store the new incoming connection. Howe

New lpr packages fix local root exploit (potato) | DSA 267-2 | April 15, 2003
The correction for CAN-2003-0144 for the old stable distribution (potato) was a little bit too strict apparently and this update corrects this.

New lprng packages fix insecure temporary file creation | DSA 285-1 | April 14, 2003
Karol Lewandowski discovered that psbanner, a printer filter that creates a PostScript format banner and is part of LPRng, insecurely creates a temporary file for debugging purpose when it is configur
