
Debian Security Advisories

Here you'll find the latest security advisories from Debian. Our database currently contains 3782 Debian security advisories.

New gs-common packages fix insecure temporary file creation | DSA 286-1 | April 14, 2003
Paul Szabo discovered insecure creation of a temporary file in ps2epsi, a script that is distributed as part of gs-common which contains common files for different Ghostscript releases. ps2epsi uses

New EPIC packages fix DoS and arbitrary code execution | DSA 287-1 | April 14, 2003
Timo Sirainen discovered several problems in EPIC, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer b

New kdegraphics packages fix arbitrary command execution | DSA 284-1 | April 12, 2003
The KDE team discovered a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files. An attacker could provide a malicious PostScript or PDF file via mail o

New glibc packages fix arbitrary code execution | DSA 282-1 | April 09, 2003
eEye Digital Security discovered an integer overflow in the xdrmem_getbytes() function which is also present in GNU libc. This function is part of the XDR (external data representation) encoder/decod

New heimdal packages fix authentication failure | DSA 269-2 | April 09, 2003
Due to overzealously applied patches, the security update DSA 269-1 introduced problems in some installations, causing the hprop service to fail. This is corrected with the update below

New xfsdump packages fix insecure file creation | DSA 283-1 | April 09, 2003
Ethan Benson discovered a problem in xfsdump, that contains administrative utilities for the XFS filesystem. When filesystem quotas are enabled xfsdump runs xfsdq to save the quota information into a

New xftp packages fix arbitrary code execution | DSA 281-1 | April 08, 2003
Knud Erik Højgaard discovered a vulnerability in moxftp (and xftp respectively), an Athena X interface to FTP. Insufficient bounds checking could lead to execution of arbitrary code, provided by a mal

New mutt packages fix arbitrary code execution in potato | DSA 274-2 | April 07, 2003
Byrial Jensen discovered a couple of off-by-one buffer overflows in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. This problem could potentially allo

New metrics packages fix insecure temporary file creation | DSA 279-1 | April 07, 2003
Paul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tool for software metrics. Two scripts in this package, "halstead" and "gather_stats", open temporary files without taking a

New samba packages fix remote root exploit | DSA 280-1 | April 07, 2003
Digital Defense, Inc. has alerted the Samba Team to a serious vulnerability in Samba, a LanManager-like file and printer server for Unix. This vulnerability can lead to an anonymous user gaining root access

New sendmail packages fix DoS and arbitrary code execution | DSA 278-2 | April 04, 2003
This is a major brown paperbag update. The old packages for the stable distribution (woody) did not work as expected and you should only update to the new packages mentioned in this advisory. The pac

New sendmail packages fix denial of service | DSA 278-1 | April 04, 2003
Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This

New Linux kernel packages (s390) fix local root exploit | DSA 276-1 | April 03, 2003
The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by

New apcupsd packages fix remote root exploit | DSA 277-1 | April 03, 2003
The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks. These bugs can be exploited remotely by an attac

New lpr-ppd packages fix local root exploit | DSA 275-1 | April 02, 2003
A buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer spooling system. This problem can be exploited by a local user to gain root privileges, even if the printer system is set up p

New dietlibc packages fix arbitrary code execution | DSA 272-1 | March 28, 2003
eEye Digital Security discovered an integer overflow in the xdrmem_getbytes() function of glibc, that is also present in dietlibc, a small libc useful especially for small and embedded systems. This

New dietlibc packages fix arbitrary code execution | DSA 273-1 | March 28, 2003
A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the k

New mutt packages fix arbitrary code execution | DSA 274-1 | March 28, 2003
Byrial Jensen discovered a couple of off-by-one buffer overflows in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. This problem could potentially allo

New Linux kernel packages (mips + mipsel) fix local root exploit | DSA 270-1 | March 27, 2003
The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned b

New ecartis and listar packages fix password change vulnerability | DSA 271-1 | March 27, 2003
A problem has been discovered in ecartis, a mailing list manager, formerly known as listar. This vulnerability enables an attacker to reset the password of any user defined on the list server, includi

New heimdal packages fix authentication failure | DSA 269-1 | March 26, 2003
A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the k

New mutt packages fix arbitrary code execution | DSA 268-1 | March 25, 2003
Core Security Technologies discovered a buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. This problem allows a remote malicious IMAP

New lpr packages fix local root exploit | DSA 267-1 | March 24, 2003
A buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer spooling system. This problem can be exploited by a local user to gain root privileges, even if the printer system is set up p

New bonsai packages fix several vulnerabilities | DSA 265-1 | March 21, 2003
Rémi Perrot fixed several security related bugs in bonsai, the Mozilla CVS query tool by web interface. Vulnerabilities include arbitrary code execution, cross-site scripting and access to configu

