[SECURITY] [DSA 397-1] New PostgreSQL packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 397-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2003 http://www.debian.org/security/faq -...

[Full-Disclosure] [SECURITY] [DSA 274-1] New node packages fix remote root vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 274-1 [email protected] http://www.debian.org/security/ Martin Schulze August 29th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA-325-1] New eldav packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 325-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 19th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA-316-3] New jnethack packages fix buffer overflow, incorrect permissions

-------------------------------------------------------------------------- Debian Security Advisory DSA 316-3 [email protected] http://www.debian.org/security/ Matt Zimmerman June 17th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA-309-2] New eterm packages fix error introduced in DSA-309-1

-------------------------------------------------------------------------- Debian Security Advisory DSA 309-2 [email protected] http://www.debian.org/security/ Matt Zimmerman June 6th, 2003 http://www.debian.org/security/faq -...

CVE-2003-0262

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have...

CVE-2003-0308

CVE-2003-0308 : The Debian GNU/Linux 3.0 package of Sendmail 8.12.3 does not securely create temporary files, enabling local users to gain additional privileges via the expn, checksendmail, or doublebounce.pl scripts. The issue is due to insecure temporary file handling within these components. E...

CVE-2003-0308

The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via 1 expn, 2 checksendmail, or 3 doublebounce.pl...

CVE-2003-0262

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have...

CVE-2003-0262

CVE-2003-0262 concerns leksbot 1.2.3 on Debian GNU/Linux, where the program KATAXWR is installed as setuid root due to a packaging error. This misconfiguration enables local users to attempt privilege escalation to root, leveraging vulnerabilities in KATAXWR that it was not designed to expose to ...

OpenSSHPAM 3.6.1p1 - Remote Users Discovery Tool

OpenSSHPAM 3.6.1p1 - Remote Users Discovery Tool / SSHBRUTE - OpenSSH/PAM Proof of concept code by Maurizio Agazzini Tested against Red Hat, Mandrake, and Debian GNU/Linux. Reference: http://lab.mediaservice.net/advisory/2003-01-openssh.txt $ tar xvfz openssh-3.6.1p1.tar.gz $ patch -p0 include...

[SECURITY] [DSA 249-1] New w3mmee packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 249-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 217-1 [email protected] http://www.debian.org/security/ Martin Schulze December 27th, 2002 http://www.debian.org/security/faq -...

DSA-210 lynx - CRLF injection

Bulletin has no description...

DSA-209 wget - directory traversal

Bulletin has no description...

DSA-205 gtetrinet - buffer overflow

Bulletin has no description...

[SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 198-1 [email protected] http://www.debian.org/security/ Martin Schulze November 18th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA-190-1] buffer overflow in Window Maker

Package : wmaker Problem type : buffer overflow Debian-specific: no Al Viro found a problem in the image handling code use in Window Maker, a popular NEXTSTEP like window manager. When creating an image it would allocate a buffer by multiplying the image width and height, but did not check for an...

[SECURITY] [DSA 189-1] New luxman packages fix local root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 189-1 [email protected] http://www.debian.org/security/ Martin Schulze November 6th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 183-1] New krb5 packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 183-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2002 http://www.debian.org/security/faq -...