2233 matches found
Debian DSA-1521-1 : lighttpd - file disclosure
Julien Cayzac discovered that under certain circumstances lighttpd, a fast webserver with minimal memory footprint, might allow the reading of arbitrary files from the system. This problem could only occur with a non-standard configuration. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Debian DSA-1513-1 : lighttpd - information disclosure
It was discovered that lighttpd, a fast webserver with minimal memory footprint, would display the source to CGI scripts if their execution failed in some circumstances. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
libmodplug 's3m' Remote Buffer Overflow Vulnerability
No description provided by source. /The libmodplug library is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running ...
Debian DSA-1498-1 : libimager-perl - buffer overflow
It was discovered that libimager-perl, a Perl extension for generating 24-bit images, did not correctly handle 8-bit compressed images, which could allow the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
Debian DSA-1495-1 : nagios-plugins - buffer overflows
Several local/remote vulnerabilities have been discovered in two of the plugins for the Nagios network monitoring and management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5198 A buffer overflow has been discovered in the parser for HTT...
Debian DSA-1475-1 : gforge - missing input sanitising
Jose Ramon Palanco discovered that a cross site scripting vulnerability in GForge, a collaborative development tool, allows remote attackers to inject arbitrary web script or HTML in the context of a logged in user's session. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...
apt-listchanges不安全路径库导入本地SHELL代码执行漏洞
apt-listchanges是一款使用当前安装来对比新版本的工具。 apt-listchanges当导入部分库的时候使用不安全路径,本地攻击者可以利用漏洞以应用程序进程权限执行任意SHELL代码。 目前没有详细漏洞细节提供。 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32...
Debian Security Advisory DSA 1321-1 (evolution-data-server)
The remote host is missing an update to evolution-data-server announced via advisory DSA 1321-1. OpenVAS Vulnerability Test $Id: deb13211.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1321-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1449-1 (loop-aes-utils)
The remote host is missing an update to loop-aes-utils announced via advisory DSA 1449-1. OpenVAS Vulnerability Test $Id: deb14491.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1449-1 loop-aes-utils Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
Debian Security Advisory DSA 297-1 (snort)
The remote host is missing an update to snort announced via advisory DSA 297-1. OpenVAS Vulnerability Test $Id: deb2971.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 297-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 770-1 (gopher)
The remote host is missing an update to gopher announced via advisory DSA 770-1. John Goerzen discovered that gopher, a client for the Gopher Distributed Hypertext protocol, creates temporary files in an insecure fashion. For the old stable distribution woody this problem has been fixed in versio...
Debian Security Advisory DSA 341-1 (liece)
The remote host is missing an update to liece announced via advisory DSA 341-1. OpenVAS Vulnerability Test $Id: deb3411.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 341-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1381-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-896-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1461-1 : libxml2 - missing input validation
Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2, the GNOME XML library, validate UTF-8 correctness insufficiently, which may lead to denial of service by forcing libxml2 into an infinite loop. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
Debian DSA-1443-1 : tcpreen - buffer overflows
It was discovered that several buffer overflows in tcpreen, a tool for monitoring a TCP connection, may lead to denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-1443. The...
OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
Bugtraq ID: 26703 CVE: CVE-2007-4575 OpenOffice is prone to a code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary Java code in the context of the vulnerable application. Versions prior to OpenOffice 2.3.1 are vulnerable. Sun StarSuite 8 Sun StarOffice 8.0...
GnomeHack 1.0.5 Local Buffer Overflow Exploit
No description provided by source. / linux/debiangnomehackv1.0.5 buffer overflow, by: [email protected]. this will give you an egid=60games shell if gnomehack is sgid=2755 games on debian/2.2, which has gnomehack. this can also be applied to nethack syntax: ./debgnomehack offset alignment. exampl...
Debian DSA-1408-1 : kdegraphics - buffer overflow
Alin Rad Pop discovered a buffer overflow in kpdf, which could allow the execution of arbitrary code if a malformed PDF file is displayed. The old stable distribution sarge will be fixed later. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Debian DSA-1407-1 : cupsys - buffer overflow
Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code. The cupsys version in the old stable distribution sarge is not vulnerable to arbitrary code execution...