DSA-2915-1 dpkg - security update

Bulletin has no description...

CVE-2014-0471

Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...

Debian Security Advisory DSA 2915-1 (dpkg - security update)

Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package - leading to the creation of files outside the directory of the source being unpacked. The update to the stable distribution wheezy incorporates...

Debian: Security Advisory (DSA-2915-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2840-1 : srtp - buffer overflow

Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol SRTP, in how the cryptopolicysetfromprofileforrtp function applies cryptographic profiles to an srtppolicy. A remote attacker could...

Debian DSA-2836-1 : devscripts - arbitrary code execution

Several vulnerabilities have been discovered in uscan, a tool to scan upstream sites for new releases of packages, which is part of the devscripts package. An attacker controlling a website from which uscan would attempt to download a source tarball could execute arbitrary code with the privilege...

Debian DSA-2810-1 : ruby1.9.1 - heap overflow

Charlie Somerville discovered that Ruby incorrectly handled floating point number conversion. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execu...

Ubuntu 12.04 LTS : jockey vulnerability (USN-1957-1)

It was discovered that Jockey was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has...

Debian DSA-2747-1 : cacti - several vulnerabilities

Two vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems : - CVE-2013-5588 install/index.php and cacti/host.php suffered from Cross-Site Scripting vulnerabilities. - CVE-2013-5589 cacti/host.php contained a SQL injection vulnerability, allowing an attacker ...

Debian DSA-2733-1 : otrs2 - SQL injection

It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise user-supplied data that is used on SQL queries. An attacker with a valid agent login could exploit this issue to craft SQL queries by injecting arbitrary SQL code through manipulated URLs. %NASLMINLEVEL 70300...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : xorg-server, xorg-server-lts-quantal vulnerability (USN-1803-1)

It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu securi...

USN-1740-1 : linux-ti-omap4 vulnerability

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator. This script was automatically generated from Ubuntu Security Notice...

Debian DSA-2599-1 : nss - mis-issued intermediates

Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries nss mis-issued two intermediate CAs which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CAs. The two existing...

USN-1609-1 : linux-ti-omap4 vulnerability

A flaw was found in how the Linux kernel's KVM Kernel-based Virtual Machine subsystem handled MSI Message Signaled Interrupts. A local unprivileged user could exploit this flaw to cause a denial of service or potentially elevate privileges. This script was automatically generated from Ubuntu...

Debian DSA-2479-1 : libxml2 - off-by-one

Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2479. The text itself is copyright C...

Debian DSA-2472-1 : gridengine - privilege escalation

Dave Love discovered that users who are allowed to submit jobs to a Grid Engine installation can escalate their privileges to root because the environment is not properly sanitized before creating processes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

Debian DSA-2466-1 : rails - XSS

Sergey Nartimov discovered that in Rails, a Ruby based framework for web development, when developers generate html options tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the document. %NASLMINLEVEL 70300 C Tenable...

Ubuntu 10.10 : linux-mvl-dove vulnerabilities (USN-1328-1)

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110. C Tenable...

Debian DSA-2329-1 : torque - buffer overflow

Bartlomiej Balcerek discovered several buffer overflows in TORQUE server, a PBS-derived batch processing server. This allows an attacker to crash the service or execute arbitrary code with privileges of the server via crafted job or host names. The oldstable distribution lenny does not contain...

Debian DSA-2321-1 : moin - XSS

A cross-site scripting vulnerability was discovered in the reStructuredText parser of Moin, a Python clone of WikiWiki. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2321. The text itsel...