4 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-1019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3...
Debian DSA-577-1 : postgresql - insecure temporary file
Trustix Security Engineers identified insecure temporary file creation in a script included in the postgresql suite, an object-relational SQL database. This could lead an attacker to trick a user to overwrite arbitrary files he has write access to.
Debian DSA-112-1 : hanterm - buffer overflow
A set of buffer overflow problems have been found in hanterm, a Hangul terminal for X11 derived from xterm, that will read and display Korean characters in its terminal window. The font handling code in hanterm uses hard limited string variables but didn't check for boundaries. This problem can b...
Debian DSA-118-1 : xsane - insecure temporary files
Tim Waugh found several insecure uses of temporary files in the xsane program, which is used for scanning. This was fixed for Debian/stable by moving those files into a securely created directory within the /tmp directory.