442 matches found
DSA-2087-1 cabextract - arbitrary code execution
Bulletin has no description...
Debian DSA-2078-1 : kvirc - programming error
It was discovered that incorrect parsing of CTCP commands in kvirc, a KDE-based IRC client, could lead to the execution of arbitrary IRC commands against other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
[SECURITY] [DSA 2078-1] New kvirc packages fix arbitrary IRC command execution
------------------------------------------------------------------------ Debian Security Advisory DSA-2078-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 31, 2010 http://www.debian.org/security/faq -...
FreeBSD Security Advisory (FreeBSD-SA-10:05.opie.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:05.opie.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Debian DSA-2036-1 : jasper - programming error
It was discovered that the JasPer JPEG-2000 runtime library allowed an attacker to create a crafted input file that could lead to denial of service and heap corruption. Besides addressing this vulnerability, this updates also addresses a regression introduced in the security fix for CVE-2008-3521...
Debian DSA-2027-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0174 Jesse Ruderman and Ehsan Akhgari discovered crashes...
DSA-2027-1 xulrunner - several vulnerabilities
Bulletin has no description...
Debian DSA-1831-1 : djbdns - programming error
Matthew Dempsky discovered that Daniel J. Bernstein's djbdns, a Domain Name System server, does not constrain offsets in the required manner, which allows remote attackers with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary record...
Debian DSA-1873-1 : xulrunner - programming error
Juan Pablo Lopez Yacubian discovered that incorrect handling of invalid URLs could be used for spoofing the location bar and the SSL certificate status of a web page. Xulrunner is no longer supported for the old stable distribution etch. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Debian DSA-1886-1 : iceweasel - several vulnerabilities
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3079 'mozbugra4' discovered that a programming error in the FeedWriter...
Debian DSA-1932-1 : pidgin - programming error
It was discovered that incorrect pointer handling in the purple library, an internal component of the multi-protocol instant messaging client Pidgin, could lead to denial of service or the execution of arbitrary code through malformed contact requests. %NASLMINLEVEL 70300 C Tenable Network...
Debian DSA-1938-1 : php-mail - programming error
It was discovered that php-mail, a PHP PEAR module for sending email, has insufficient input sanitising, which might be used to obtain sensitive data from the system that uses php-mail. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
Debian DSA-1889-1 : icu - programming error
It was discovered that the ICU unicode library performed incorrect processing of invalid multibyte sequences, resulting in potential bypass of security mechanisms. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debia...
Debian DSA-1949-1 : php-net-ping - programming error
It was discovered that php-net-ping, a PHP PEAR module to execute ping independently of the Operating System, performs insufficient input sanitising, which might be used to inject arguments no CVE yet or execute arbitrary commands CVE-2009-4024 on a system that uses php-net-ping. %NASLMINLEVEL...
Debian DSA-1837-1 : dbus - programming error
It was discovered that the dbussignaturevalidate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. This issue was caused by an incorrect fix for DSA-1658-1. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...
[SECURITY] [DSA 1938-1] New php-mail packages fix insufficient input sanitising
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1938-1 [email protected] http://www.debian.org/security/ Steffen Joeris November 23, 2009 http://www.debian.org/security/faq -...
New pidgin packages fix arbitrary code execution
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1932-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 08, 2009...
Debian: Security Advisory (DSA-1886-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1837-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 18, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1837-1] New dbus packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1837-1 [email protected] http://www.debian.org/security/ Steffen Joeris July 18, 2009 http://www.debian.org/security/faq -...