Debian DSA-1907-1 : kvm - several vulnerabilities
Several vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2008-5714: Chris Webb discovered an off-by-one bug limiting KVM's VNC passwords to 7 characters. This flaw might make it...
Debian DSA-1935-1 : gnutls13 gnutls26 - several vulnerabilities
Dan Kaminsky and Moxie Marlinspike discovered that gnutls, an implementation of the TLS/SSL protocol, does not properly handle a '\0' character in a domain name in the subject's Common Name or Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to...
Debian DSA-1937-1 : gforge - insufficient input sanitising
It was discovered that gforge, a collaborative development tool, is prone to a cross-site scripting attack via the helpname parameter. Besides fixing this issue, the update also introduces some additional input sanitising. However, there are no known attack vectors.
Debian DSA-1988-1 : qt4-x11 - several vulnerabilities
Several vulnerabilities have been discovered in qt4-x11, a cross-platform C++ application framework. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2009-0945: Array index error in the insertItemBefore method in WebKit, as used in qt4-x11, allows remote...
Debian DSA-1933-1 : cups - missing input sanitising
Aaron Siegel discovered that the web interface of cups, the Common UNIX Printing System, is prone to cross-site scripting attacks. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-1933. The...
Debian DSA-1982-1 : hybserv - denial of service
Julien Cristau discovered that hybserv, a daemon running IRC services for IRCD-Hybrid, is prone to a denial of service attack via the commands option. The descriptive text and package checks in this plugin were extracted from Debian Security...
Debian DSA-1972-1 : audiofile - buffer overflow
Max Kellermann discovered a heap-based buffer overflow in the handling of ADPCM WAV files in libaudiofile. This flaw could result in a denial of service (application crash) or possibly execution of arbitrary code via a crafted WAV file. For the old stable distribution (etch), this problem will be fixed i...
[Backports-security-announce] etch-backports discontinued
Hi users, Hi contributors, as some of you may have heard [1], the security support for etch terminated on February 15th. That means that our support for etch backports also ends here. Please don't upload to etch-backports anymore. The downloads are still possible, but please remember that there is no...
Debian: Security Advisory (DSA-1986-1)
The remote host is missing an update for the Debian...
[SECURITY] [DSA 1981-2] New maildrop packages fix regression
Debian Security Advisory DSA-1981-2 (http://www.debian.org/security/), Steffen Joeris, January 28, 2010. FAQ: http://www.debian.org/security/faq ...
[SECURITY] [DSA 1981-1] New maildrop packages fix privilege escalation
Debian Security Advisory DSA-1981-1 (http://www.debian.org/security/), Steffen Joeris, January 28, 2010. FAQ: http://www.debian.org/security/faq ...
Debian Security Advisory DSA 1968-2 (pdns-recursor)
The remote host is missing an update to pdns-recursor announced via advisory DSA 1968-2. OpenVAS Vulnerability Test $Id: deb19682.nasl 6614 2017-07-07 12:09:12Z cfischer $. Description: Auto-generated from advisory DSA 1968-2 (pdns-recursor). Authors: Thomas Reinke. Copyright: Copyright (c) 2010 E-Soft...
[SECURITY] [DSA 1985-1] New sendmail packages fix SSL certificate verification weakness
Debian Security Advisory DSA-1985-1 (http://www.debian.org/security/), Giuseppe Iuculano, January 31, 2010. FAQ: http://www.debian.org/security/faq ...
[SECURITY] [DSA-1979-1] New lintian packages fix multiple vulnerabilities
Debian Security Advisory DSA-1979-1 (http://www.debian.org/security/), Raphael Geissert, January 27, 2009. FAQ: http://www.debian.org/security/faq ...
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
Debian Security Advisory DSA-1976-1 (http://www.debian.org/security/), Giuseppe Iuculano, January 22, 2010. FAQ: http://www.debian.org/security/faq ...
[SECURITY] [DSA-1975-1] Security Support for Debian 4.0 to be discontinued on February 15th
Debian Security Advisory DSA-1975-1 (http://www.debian.org/security/), Stefan Fritsch, January 20, 2010. FAQ: http://www.debian.org/security/faq ...
[SECURITY] [DSA 1973-1] New glibc packages fix information disclosure
Debian Security Advisory DSA-1973-1 (http://www.debian.org/security/), Aurelien Jarno, January 19, 2010. FAQ: http://www.debian.org/security/faq ...
DSA-1972-1 audiofile - buffer overflow