[SECURITY] [DSA 183-1] New krb5 packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 183-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 173-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2002 http://www.debian.org/security/faq -...

CVE-2002-0912

in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow...

[SECURITY] [DSA 166-1] New purity packages fix potential buffer overflows

-------------------------------------------------------------------------- Debian Security Advisory DSA 166-1 [email protected] http://www.debian.org/security/ Martin Schulze September 13th, 2002 http://www.debian.org/security/faq -...

[SECURITY] [DSA 161-1] New Mantis package fixes privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 161-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2002 http://www.debian.org/security/faq -...

CVE-2002-0912

CVE-2002-0912 affects in.uucpd (UUCP server) in Debian GNU/Linux 2.2; long input strings were not terminated properly, enabling remote denial of service (likely via buffer overflow). Debian DSA-129-1 fixes uucp with updated versions 1.06.1-11potato3 (potato) and 1.06.1-18 (woody); OpenVAS notes t...

CVE-2002-0912

in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow...

[SECURITY] [DSA 152-1] New l2tpd packages adds better randomization

-------------------------------------------------------------------------- Debian Security Advisory DSA 152-1 [email protected] http://www.debian.org/security/ Martin Schulze August 13th, 2002 - -------------------------------------------------------------------------- Package : l2tpd...

CVE-2002-0660

Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728...

CVE-2002-0660

Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728...

CVE-2002-0660

CVE-2002-0660 involves a buffer overflow in the PNG libraries that affects libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0 and other OSes. The overflow occurs in the PNG progressive reader when processing image data, potentially allowing denial of service and possibl...

[SECURITY] [DSA 140-2] New libpng packages fix potential buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 140-2 [email protected] http://www.debian.org/security/ Martin Schulze August 5th, 2002 - -------------------------------------------------------------------------- Package : libpng, libpng3...

[SECURITY] [DSA 141-1] New mpack packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 141-1 [email protected] http://www.debian.org/security/ Martin Schulze August 1st, 2002 - -------------------------------------------------------------------------- Package : mpack...

[SECURITY] [DSA-134-1] OpenSSH remote vulnerability

Package : ssh Problem type : remote exploit Debian-specific: no Theo de Raadt announced that the OpenBSD team is working with ISS on a remote exploit for OpenSSH a free implementation of the Secure SHell protocol. They are refusing to provide any details on the vulnerability but instead are...

[SECURITY] [DSA-126-1] Horde and IMP cross-site scripting attack

Package : imp Problem type : cross-site scripting CSS Debian-specific: no A cross-site scripting CSS problem was discovered in Horde and IMP a web based IMAP mail package. This was fixed upstream in Horde version 1.2.8 and IMP version 2.2.8. The relevant patches have been back-ported to version...

CVE-1999-1411

The vulnerability CVE-1999-1411 affects the fsp package 2.71-10 on Debian GNU/Linux 2.0. During installation, an anonymous FTP user is added without administrator notification, which could automatically enable anonymous FTP on servers such as wu-ftp. Impact described as enabling anonymous FTP acc...

CVE-1999-1411

The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp...

[SECURITY] [DSA-111-2] Update for SNMP security fix

Package : ucd-snmp Problem type : ABI/API correction to previous security fix Debian-specific: yes Some of the changes made in the DSA-111-1 security fix for SNMP changed the API and ABI for the SNMP library which broke some other applications. This has been fixed in version 4.1.1-2.1. We apologi...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...