816 matches found
Memory corruption
Memory leak in the image message functionality in ekg before 1:1.7rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service...
Null pointer dereference
ekg before 1:1.7rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service NULL pointer dereference via a vector related to the token OCR functionality...
CVE-2007-1664
ekg before 1:1.7rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service NULL pointer dereference via a vector related to the token OCR functionality...
CVE-2007-1665
Removed by vendor...
MIT Kerberos kadmind principal renaming stack buffer overflow
Overview The MIT Kerberos administration daemon kadmind contains a stack buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the principal renaming operation used by the Kerberos...
[SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1321-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 23rd, 2007 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1298-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 28th, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1293-1] New quagga packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1293-1 [email protected] http://www.debian.org/security/ Martin Schulze May 17th, 2007 http://www.debian.org/security/faq -...
libpng denial of service vulnerability
Overview The libpng library contains a denial-of-service vulnerability. Description The libpng library can be used to allow other applications to render PNG images.The libpng library contains a denial-of-service vulnerability. From the Libpng-1.2.16-ADVISORY: This vulnerability could be used to...
Samba NDR MS-RPC heap buffer overflow
Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...
[SECURITY] [DSA 1261-1] New PostgreSQL packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1261-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 15th, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1246-1 [email protected] http://www.debian.org/security/ Martin Schulze January 8th, 2007 http://www.debian.org/security/faq -...
Fully Automated Installation管理HASH密码信息泄露漏洞
Fully Automated Installation是一种基于Debian GNU/Linux平台的全自动安装集群结点机的软件包。 Fully Automated Installation存在设计错误,本地攻击者可以利用漏洞获得敏感信息。 如果安装在verbose模式,ROOT密码的HASH信息会存储在'/var/log/fai/current/fai.log',当fai-savelog调用时,它拷贝日志文件到新安装的主机,而仍旧保留HASH信息到文件中,导致敏感信息泄露。 Thomas Lange Fully Automated Installation 3.1.2 Thomas...
GnuPG vulnerable to remote data control
Overview A vulnerability in GnuPG could allow a remote attacker to execute arbitrary code on an affected system. Description GNU Privacy Guard GnuPG is the GNU project's implementation of the OpenPGP standard as defined by RFC2440.OpenPGP messages are processed by GnuPG using data structures call...
[SECURITY] [DSA 1238-1] New clamav packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1238-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 17th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1215-1] New xine-lib packages fix execution of arbitrary code
-------------------------------------------------------------------------- Debian Security Advisory DSA 1215-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 20th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1211-1] New pdns packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1211-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 14th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1206-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 6th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1205-1 [email protected] http://www.debian.org/security/ Steve Kemp November 2rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1204-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 2nd, 2006 http://www.debian.org/security/faq -...