442 matches found
Debian DSA-1450-1 : util-linux - programming error
It was discovered that util-linux, miscellaneous system utilities, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges.
[SECURITY] [DSA 1450-1] New util-linux packages fix programming error
Debian Security Advisory DSA-1450-1 | Steve Kemp | January 05, 2008 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...
[SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
Debian Security Advisory DSA-1449-1 | Steve Kemp | January 05, 2008 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...
Debian DSA-1445-1 : maradns - programming error
Michael Krieger and Sam Trenholme discovered a programming error in MaraDNS, a simple security-aware Domain Name Service server, which might lead to denial of service through malformed DNS packets.
[SECURITY] [DSA 1445-1] New maradns packages fix denial of service
Debian Security Advisory DSA-1445-1 | Moritz Muehlenhoff | January 03, 2008 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...
DSA-1445-1 maradns denial of service
Bulletin has no description...
Debian DSA-1419-1 : openoffice.org - programming error
A vulnerability has been discovered in HSQLDB, the default database engine shipped with OpenOffice.org. This could result in the execution of arbitrary Java code embedded in an OpenOffice.org database document with the user's privilege. This update requires an update of both openoffice.org and...
Debian DSA-1420-1 : zabbix - programming error
Bas van Schaik discovered that the agentd process of Zabbix, a network monitor system, may run user-supplied commands as group id root, not zabbix, which may lead to a privilege escalation. zabbix is not included in the oldstable distribution sarge.
DTSA-93-1 zabbix - programming error
Bulletin has no description...
[SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution
Debian Security Advisory DSA 1419-1 | Martin Schulze | December 5th, 2007 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...
Debian DSA-1412-1 : ruby1.9 - programming error
Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5162: It was discovered that the Ruby HTTPS module performs insufficient validation of SSL certificates, whic...
Debian DSA-1411-1 : libopenssl-ruby - programming error
Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5162: It was discovered that the Ruby HTTPS module performs insufficient validation of SSL certificates, whic...
Debian DSA-1410-1 : ruby1.8 - programming error
Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5162: It was discovered that the Ruby HTTPS module performs insufficient validation of SSL certificates, whic...
[SECURITY] [DSA 1410-1] New ruby1.8 packages fix insecure SSL certificate validation
Debian Security Advisory DSA-1410-1 | Moritz Muehlenhoff | November 24, 2007 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...
Ubuntu 5.04 / 5.10 / 6.06 LTS / 6.10 : screen vulnerability (USN-370-1)
cstone and Rich Felker discovered a programming error in the UTF8 string handling code of 'screen' leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code.
Debian DSA-1404-1 : gallery2 - programming error
Nicklous Roberts discovered that the Reupload module of Gallery 2, a web-based photo management application, allowed unauthorized users to edit Gallery's data file. The oldstable distribution sarge does not contain a gallery2 package. The previous gallery package is not affected by this...
[SECURITY] [DSA 1386-2] New wesnoth packages fix denial of service
Debian Security Advisory DSA 1386-2 | Martin Schulze | October 15th, 2007 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...
[SECURITY] [DSA 1386-1] New wesnoth packages fix denial of service
Debian Security Advisory DSA 1386-1 | Martin Schulze | October 15th, 2007 | http://www.debian.org/security/ | http://www.debian.org/security/faq ...