Debian DSA-1815-1 : libtorrent-rasterbar - programming error

It was discovered that the Rasterbar Bittorrent library performed insufficient validation of path names specified in torrent files, which could lead to denial of service by overwriting files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

[SECURITY] [DSA 1815-1] New libtorrent-rasterbar packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1815-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 14, 2009 http://www.debian.org/security/faq -...

FreeBSD : apache -- apr_uri_parse IPv6 address handling vulnerability (762d1c6d-0722-11d9-b45d-000c41e2cdad)

The Apache Software Foundation Security Team discovered a programming error in the apr-util library function apruriparse. When parsing IPv6 literal addresses, it is possible that a length is incorrectly calculated to be negative, and this value is passed to memcpy. This may result in an exploitab...

Debian DSA-1776-1 : slurm-llnl - programming error

It was discovered that the Simple Linux Utility for Resource Management SLURM, a cluster job management and scheduling system, did not drop the supplemental groups. These groups may be system groups with elevated privileges, which may allow a valid SLURM user to gain elevated privileges...

[SECURITY] [DSA 1776-1] New slurm-llnl packages fix privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1776-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 21, 2009 http://www.debian.org/security/faq -...

Mandriva Update for id3lib MDKSA-2007:180 (id3lib)

Check for the Version of id3lib OpenVAS Vulnerability Test Mandriva Update for id3lib MDKSA-2007:180 id3lib Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Debian DSA-1763-1 : openssl - programming error

It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Debian DSA-1734-1 : opensc - programming error

b.badrignans discovered that OpenSC, a set of smart card utilities, could stores private data on a smart card without proper access restrictions. Only blank cards initialised with OpenSC are affected by this problem. This update only improves creating new private data objects, but cards already...

Debian DSA-1725-1 : websvn - programming error

Bas van Schaik discovered that WebSVN, a tool to view Subversion repositories over the web, did not properly restrict access to private repositories, allowing a remote attacker to read significant parts of their content. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

[Full-disclosure] [SECURITY] [DSA 1725-1] New websvn packages fix information leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1725-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 15, 2009 http://www.debian.org/security/faq -...

Debian DSA-1722-1 : libpam-heimdal - programming error

Derek Chan discovered that the PAM module for the Heimdal Kerberos implementation allows reinitialisation of user credentials when run from a setuid context, resulting in potential local denial of service by overwriting the credential cache file or to local privilege escalation. %NASLMINLEVEL 703...

[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1722-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 11, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1722-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 11, 2009 http://www.debian.org/security/faq -...

DSA-1696-1 icedove - several vulnerabilities

Bulletin has no description...

Debian: Security Advisory (DSA-1671-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1671-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 1671-1. OpenVAS Vulnerability Test $Id: deb16711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1671-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1671-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0017 Justin Schuh discovered that a buffer overflow in the http-index-forma...

Debian DSA-1668-1 : hf - programming error

Steve Kemp discovered that hf, an amateur-radio protocol suite using a soundcard as a modem, insecurely tried to execute an external command which could lead to the elevation of privileges for local users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...

DSA-1669-1 xulrunner - several vulnerabilities

Bulletin has no description...

Debian: Security Advisory (DSA-1632-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...