Debian: Security Advisory (DSA-379)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 379-1 (sane-backends)

The remote host is missing an update to sane-backends announced via advisory DSA 379-1. OpenVAS Vulnerability Test $Id: deb3791.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 379-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

AWStats is Openly Accessible

The remote web server is running a version of AWStats that seems to be accessible to the entire Internet. Exposing AWStats unprotected to the entire Internet can aid an attacker in gaining further knowledge of the web server and its contents therein. An attacker may gain access to administrative...

[SECURITY] Fedora 7 Update: gallery2-2.2-0.7.svn20070831.fc7

The base Gallery 2 installation - the equivalent of upstream's -minimal package. This package requires a database to be operational. Acceptable database backends include MySQL v 3.x, MySQL v 4.x, PostgreSQL v 7.x, PostgreSQL v 8.x, Oracle 9i, Oracle 10g, DB2, and MS SQL Server. All given package...

Debian DSA-379-1 : sane-backends - several vulnerabilities

Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several security-related problems in the sane-backends package, which contains an API library for scanners including a scanning daemon in the package libsane that can be remotely exploited. These problems allow a remote attacker to...

security flaw

Multiple extfs backend scripts for GNOME virtual file system VFS before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI...

DEBIAN-CVE-2003-0776

saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences...

DEBIAN-CVE-2003-0774

saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service segmentation fault when invalid memory is accessed...

CVE-2003-0775

saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service memory consumption or crash...

CVE-2003-0777

saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service segmentation fault...

CVE-2003-0776

saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences...

CVE-2003-0774

saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service segmentation fault when invalid memory is accessed...

DEBIAN-CVE-2003-0777

saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service segmentation fault...

CVE-2003-0775

saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service memory consumption or crash...

DEBIAN-CVE-2003-0778

saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service memory consumption...

DEBIAN-CVE-2003-0775

saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service memory consumption or crash...

CVE-2003-0778

saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service memory consumption...

sane-backends multiple bugs

Multiple DoS conditions...

[SECURITY] [DSA 379-1] New sane-backends packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 379-1 [email protected] http://www.debian.org/security/ Martin Schulze September 11th, 2003 http://www.debian.org/security/faq -...

CVE-2003-0773

CVE-2003-0773 affects the sane-backends package (SANE) prior to version 1.0.7, where saned does not validate the IP address of the connecting host during the SANE_NET_INIT RPC. This allows remote attackers to access saned services even if saned.conf would restrict them. The issue is part of multi...