Debian Security Advisory DSA 072-1 (groff)

The remote host is missing an update to groff announced via advisory DSA 072-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 066-1 (cfingerd)

The remote host is missing an update to cfingerd announced via advisory DSA 066-1. OpenVAS Vulnerability Test $Id: deb0661.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 066-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 107-1 (jgroff)

The remote host is missing an update to jgroff announced via advisory DSA 107-1. OpenVAS Vulnerability Test $Id: deb1071.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 107-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian DSA-061-1 : gnupg - printf format attack

The version of GnuPG GNU Privacy Guard, an OpenPGP implementation as distributed in Debian GNU/Linux 2.2 suffers from two problems : - fish stiqz reported on bugtraq that there was a printf format problem in the doget function: it printed a prompt which included the filename that was being...

Debian DSA-072-1 : groff - printf format attack

Zenith Parse found a security problem in groff the GNU version oftroff. The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S' option and execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

Debian DSA-057-1 : gftp - printf format attack

The gftp package as distributed with Debian GNU/Linux 2.2 has a problem in its logging code: it logged data received from the network but it did not protect itself from printf format attacks. An attacker can use this by making an FTP server return special responses that exploit this. %NASLMINLEVE...

Debian DSA-107-1 : jgroff - format print vulnerability

Basically, this is the same Security Advisory as DSA 072-1, but for jgroff instead of groff. The package jgroff contains a version derived from groff that has Japanese character sets enabled. This package is available only in the stable release of Debian, patches for Japanese support have been...

[SECURITY] [DSA-072-1] groff printf format problem

Package : groff Problem type : printf format attack Debian-specific: no Zenith Parse found a security problem in groff the GNU version of troff. The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S option and execute arbitrary code. This has been...

[SECURITY] [DSA-066-1] cfingerd remote exploit

Package : cfingerd Problem type : remote exploit Debian-specific: no Steven van Acker reported on bugtraq that the version of cfingerd a configurable finger daemon as distributed in Debian GNU/Linux 2.2 suffers from two problems: 1. The code that reads configuration files files in which $ command...

[SECURITY] [DSA-061-1] multiple gnupg problems

Package : gnupg Problem type : printf format attack web of trust pollution Debian-specific: no The version of GnuPG GNU Privacy Guard, an OpenPGP implementation as distributed in Debian GNU/Linux 2.2 suffers from two problems: fish stiqz reported on bugtraq that there was a printf format problem ...

[SECURITY] [DSA-058-1] exim printf format attack

Package : exim Problem type : remote printf format attack Debian-specific: no Megyer Laszlo found a printf format bug in the exim mail transfer agent. The code that checks the header syntax of an email logs an error without protecting itself against printf format attacks. This problem has been...

[SECURITY] [DSA-055-1] gftp remote exploit

Package : gftp Problem type : printf format attack Debian-specific: no The gftp package as distributed with Debian GNU/Linux 2.2 has a problem in its logging code: it logged data received from the network but it did not protect itself from printf format attacks. An attacker can use this by making...