CVE-2002-0912

in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow...

[SECURITY] [DSA 166-1] New purity packages fix potential buffer overflows

-------------------------------------------------------------------------- Debian Security Advisory DSA 166-1 [email protected] http://www.debian.org/security/ Martin Schulze September 13th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 161-1] New Mantis package fixes privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 161-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2002 http://www.debian.org/security/faq -...

CVE-2002-0912

in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow...

[SECURITY] [DSA 152-1] New l2tpd packages adds better randomization

-------------------------------------------------------------------------- Debian Security Advisory DSA 152-1 [email protected] http://www.debian.org/security/ Martin Schulze August 13th, 2002 - -------------------------------------------------------------------------- Package : l2tpd...

CVE-2002-0660

Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728...

[SECURITY] [DSA 140-2] New libpng packages fix potential buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 140-2 [email protected] http://www.debian.org/security/ Martin Schulze August 5th, 2002 - -------------------------------------------------------------------------- Package : libpng, libpng3...

[SECURITY] [DSA 141-1] New mpack packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 141-1 [email protected] http://www.debian.org/security/ Martin Schulze August 1st, 2002 - -------------------------------------------------------------------------- Package : mpack...

[SECURITY] [DSA-126-1] Horde and IMP cross-site scripting attack

Package : imp Problem type : cross-site scripting CSS Debian-specific: no A cross-site scripting CSS problem was discovered in Horde and IMP a web based IMAP mail package. This was fixed upstream in Horde version 1.2.8 and IMP version 2.2.8. The relevant patches have been back-ported to version...

CVE-1999-1411

The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp...

[SECURITY] [DSA-111-2] Update for SNMP security fix

Package : ucd-snmp Problem type : ABI/API correction to previous security fix Debian-specific: yes Some of the changes made in the DSA-111-1 security fix for SNMP changed the API and ABI for the SNMP library which broke some other applications. This has been fixed in version 4.1.1-2.1. We apologi...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...

[SECURITY] [DSA-106-1] rsync remote exploit

Package : rsync Problem type : remote exploit Debian-specific: no Sebastian Krahmer found several places in rsync a popular tool to synchronise files between machines where signed and unsigned numbers were mixed which resulted in insecure code. This could be abused by remote users to write 0-byte...

[SECURITY] [DSA-105-1] enscript creates temporary files insecurely

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-105-1 [email protected] http://www.debian.org/security/ Wichert Akkerman January 21, 2002 -...

[SECURITY] [DSA 102-1] New at packages fix heap corruption vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 102-1 [email protected] http://www.debian.org/security/ Martin Schulze January 16th, 2002 - -------------------------------------------------------------------------- Package : at...

[SECURITY] [DSA 097-1] New versions of Exim fix uncontrolled program execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 097-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2002 - -------------------------------------------------------------------------- Package : exim...

[SECURITY] [DSA-096-2] mutt buffer overflow, sparc update

Package : mutt Problem type : buffer overflow Debian-specific: no The sparc binary for the mutt security fix described in DSA-096-1 is now available. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.2 alias potato -...

[SECURITY] [DSA-095-1] gpm (gpm-root) format string vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-095-1 [email protected] http://www.debian.org/security/ Robert van der Meulen December 27, 2001 - ------------------------------------------------------------------------ Package : gpm Problem...

[SECURITY] [DSA-090-1] xtel symlink vulnerabilities

Package : xtel Problem type : symlink attack Debian-specific: no The xtel a X emulator for minitel package as distributed with Debian GNU/Linux 2.2 has two possible symlink attacks: xteld creates a temporary file /tmp/.xtel-user without checking for symlinks. when printing a hardcope xtel would...