139 matches found
[SECURITY] Fedora 42 Update: apt-3.1.15-2.fc42
This package provides commandline tools for searching and managing as well as querying information about packages as a low-level access to all features of the libapt-pkg library. These include: apt-get for retrieval of packages and information about them from authenticated sources and for...
EUVD-2014-6159
Malware in sbrugna...
EUVD-2009-1356
Malware in sbrugna...
Virtuozzo Hybrid Server 7.5 Update 7 (7.5.7-129)
Virtuozzo Hybrid Server 7.5 Update 7 introduces a way to convert system containers to virtual machines, support for Ubuntu 24.04 LTS, and bug fixes. Additionally, it provides a new kernel 3.10.0-1160.119.1.vz7.224.4. Vulnerability id: PSBM-159393 Memory corruption leading to a crash in nodes in...
Debian: Security Advisory (DLA-0005-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerability fixed in x.org
A vulnerability has been fixed in X.org. A malicious person could exploit the vulnerability to appropriate elevated privileges within the X server and thus potentially execute arbitrary code with application privileges. Under usual circumstances, an X server runs with limited permissions. -= Debi...
Vulnerability fixed in Tomcat
Two vulnerabilities have been discovered in the Tomcat servlet and the JSP engine, which could lead to information disclosure or denial of service. -= Debian =- Debian has made updates to tomcat9 available for Debian 10.0 Buster to address the vulnerabilities. You can install the custom packages ...
Vulnerabilities fixed in cURL
Vulnerabilities have been fixed in cURL.The vulnerabilities allow a remote malicious person the ability to obtain sensitive information obtain. To do so, the malicious party must induce the victim to visit a server under the control of the malicious party. -= Debian =- Debian has made updates to...
Vulnerabilities fixed in Ghostscript
Vulnerabilities have been fixed in Ghostscript. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to execute arbitrary code under the privileges of the user. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS and 18.04 LTS to fix the...
Sparrow-Wifi - Next-Gen GUI-based WiFi And Bluetooth Analyzer For Linux
Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. In its most comprehensive use case...
Debian DLA-1862-1 : linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-2101 Andrey Konovalov discovered that the USB Video Class driver uvcvideo did not consistently handle a type field in device descriptors, whic...
R.I.P Ian Murdock, Founder of Debian Linux, Dies at 42
Ian Murdock, the founder the Debian Linux operating system and the creator of apt-get, has passed away. Yes, it is very sad to announce that Ian Murdock is not between us. His death has touched the entire software community. He was just 42. The announcement of Murdock death came out via a blog po...
0d1n - Tool For Automating Customized Attacks Against Web Applications
Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. You can do: brute force passwords in auth forms directory disclosure use PATH list to brute, and find HTTP status code test list on input to find SQL Injection and XSS vulnerabilities To run: require libcurl-dev or...
Command injection
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package...
CVE-2014-0490
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package...
CVE-2014-0490
The CVE-2014-0490 issue affects APT’s download path prior to version 1.0.9, where apt-get download did not properly validate package signatures. This allows a crafted package to potentially execute arbitrary code on affected systems. Public advisories document the vulnerability in several distrib...
CVE-2014-6273
Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted URL...
DEBIAN-CVE-2014-6273
Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted URL...
CVE-2014-6273
Summary: CVE-2014-6273 is a buffer overflow in the HTTP transport code of apt-get in APT 1.0.1 and earlier , enabling MITM-induced DoS or possible arbitrary code execution via a crafted URL. Multiple connected records confirm: Debian/DLA-58-2 provides a regression fix for apt; OSV entries documen...
Debian DSA-3031-1 : apt - security update
The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the 'http' apt method binary, or potentially to arbitrary cod...