2082 matches found
A vulnerability in the Debian GNU/Linux operating system and the DBD::mysql driver allows attackers to cause unspecified impact.
The vulnerability in the mylogin function in the Debian GNU/Linux operating system and the DBD::mysql driver is a use of memory after it has been freed (use-after-free). Exploiting this vulnerability allows a malicious actor to cause unpredictable effects by using the mysqlerrno function after the mylogin...
Debian Security Advisory DSA 3669-1 (tomcat7 - security update)
Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation. OpenVAS Vulnerability Test $Id: deb3669.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3669-1 using nvtgen 1.0 Script...
Debian Security Advisory DSA 3668-1 (mailman - security update)
It was discovered that there was a CSRF vulnerability in mailman, a web-based mailing list manager, which could allow an attacker to obtain a user OpenVAS Vulnerability Test $Id: deb3668.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3668-1 using nvtgen 1.0 Script...
Debian DSA-3662-1 : inspircd - security update
It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3662. The text...
Debian DSA-3661-1 : charybdis - security update
It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3661. The text...
Debian Security Advisory DSA 3661-1 (charybdis - security update)
It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. OpenVAS Vulnerability Test $Id: deb3661.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3661-1 using nvtgen 1.0 Script version: 1.0 Author:...
Debian DSA-3654-1 : quagga - security update
Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing daemon. - CVE-2016-4036 Tamas Nemeth discovered that sensitive configuration files in /etc/quagga were world-readable despite containing sensitive information. - CVE-2016-4049 Evgeny Uskov discovered that a bgpd instance handli...
Debian Security Advisory DSA 3654-1 (quagga - security update)
Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing daemon. CVE-2016-4036 Tamás Németh discovered that sensitive configuration files in /etc/quagga were world-readable despite containing sensitive information. CVE-2016-4049 Evgeny Uskov discovered that a bgpd instance handling man...
Debian DSA-3643-1 : kde4libs - security update
Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with '../' in the file paths. A remote attacker can take advantage of this flaw to overwrite files outside of the extraction folder, if a user is tricke...
Debian Security Advisory DSA 3643-1 (kde4libs - security update)
Andreas Cord-Landwehr discovered that kde4libs, the core libraries for all KDE 4 applications, do not properly handle the extraction of archives with OpenVAS Vulnerability Test $Id: deb3643.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3643-1 using nvtgen 1.0 Script...
Debian Security Advisory DSA 3635-1 (libdbd-mysql-perl - security update)
Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code...
Debian Security Advisory DSA 3640-1 (firefox-esr - security update)
Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, information disclosure and bypass of the same-origin policy. OpenVAS...
Debian Security Advisory DSA 3631-1 (php5 - security update)
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for mor...
Debian Security Advisory DSA 3622-1 (python-django - security update)
It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin OpenVAS Vulnerability Test $Id: deb3622.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3622-1 using nvtgen 1.0 Script version: 1....
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information
The Samba-dbg package in the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by attackers who ha...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information
Multiple vulnerabilities in the kernel-image-2.6.8-3-386 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow an attacker to compromise the confidentiality, integrity, and availability of protected information
Multiple vulnerabilities in the sudo package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and availability of protected information...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information
Multiple vulnerabilities in the kernel-headers-2.6.8-3-sparc64 package of the Debian GNU/Linux operating system can be exploited, resulting in a violation of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local attacker to compromise the confidentiality, integrity, and availability of protected information
The kernel-image-2.6-amd64-generic package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by local...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local attacker to compromise the integrity of protected information
The proftpd-dfsg package in the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a breach of the integrity of protected information. These vulnerabilities can be exploited by local attackers...