816 matches found
CVE-2009-2946
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...
[SECURITY] [DSA 1876-1] New dnsmasq packages fix remote code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1876-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1867-1] New kdelibs packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1867-1 [email protected] http://www.debian.org/security/ Steffen Joeris August 19, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1865-1] New Linux 2.6.18 packages fix several vulnerabilities
---------------------------------------------------------------------- Debian Security Advisory DSA-1865-1 [email protected] http://www.debian.org/security/ dann frazier Aug 16, 2009 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
[SECURITY] [DSA 1853-1] New memcached packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1853-1 [email protected] http://www.debian.org/security/ Nico Golde August 7th, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1841-1] New git-core packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA-1841-1 [email protected] http://www.debian.org/security/ Nico Golde July 25th, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1839-1] New gst-plugins-good0.10 packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1839-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 19, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1838-1] New pulseaudio packages fix privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-1838-1 [email protected] http://www.debian.org/security/ Florian Weimer July 18, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1837-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 18, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1827-1] New ipplan packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1827-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 06, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1813-1] New evolution-data-server packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1813-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 08, 2009 http://www.debian.org/security/faq -...
Code injection
The mapypalias function in functions/imapgeneral.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. NOT...
CVE-2009-1381
The mapypalias function in functions/imapgeneral.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. NOT...
CVE-2009-1381
CVE-2009-1381 relates to SquirrelMail prior to version 1.4.19-1 on Debian and possibly other OSes, where the map_yp_alias function in functions/imap_general.php allows remote execution of arbitrary commands via shell metacharacters in a username string used by ypmatch. Connected advisories confir...
[SECURITY] [DSA 1803-1] New nsd packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1803-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 20, 2009 http://www.debian.org/security/faq -...
NSD vulnerable to one-byte overflow
Overview A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow. Description Name server daemon NSD is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when...
Command injection
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...
CVE-2009-1573
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...
CVE-2009-1573
What is affected. xvfb-run 1.6.1 (Debian/Ubuntu/Fedora and possibly other OSes) has the flaw. The root cause described in the CVE context is that the X11 magic cookie (MCOOKIE) is exposed on the command line, which can be discovered by local users. Impact. Local privilege escalation by listing th...
[SECURITY] [DSA 1791-1] New moin packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-1791-1 [email protected] http://www.debian.org/security/ Steffen Joeris May 06, 2009 http://www.debian.org/security/faq -...