442 matches found
Debian DSA-1015-1 : sendmail - programming error
Mark Dowd discovered a flaw in the handling of asynchronous signals in sendmail, a powerful, efficient, and scalable mail transport agent. This allows a remote attacker to exploit a race condition to execute arbitrary code as root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Debian DSA-1163-1 : gtetrinet - programming error
Michael Gehring discovered several potential out-of-bounds index accesses in gtetrinet, a multiplayer Tetris-like game, which may allow a remote server to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Debian DSA-1042-1 : cyrus-sasl2 - programming error
The Mu Security research team discovered a denial of service condition in the Simple Authentication and Security Layer authentication library SASL during DIGEST-MD5 negotiation. This potentially affects multiple products that use SASL DIGEST-MD5 authentication including OpenLDAP, Sendmail, Postfi...
Debian DSA-1155-2 : sendmail - programming error
It turned out that the sendmail binary depends on libsasl2 = 2.1.19.dfsg1 which is neither available in the stable nor in the security archive. This version is scheduled for the inclusion in the next update of the stable release, though. You'll have to download the referenced file for your...
Debian DSA-978-1 : gnupg - programming error
Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, verifies external signatures of files successfully even though they don't contain a signature at all. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Debian DSA-918-1 : osh - programming error
Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3346 Charles Stevenson discovered a bug in the...
Debian DSA-917-1 : courier - programming error
Patrick Cheong Shu Yang discovered that courier-authdaemon, the authentication daemon of the Courier Mail Server, grants access to accounts that are already deactivated. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Debian DSA-1150-1 : shadow - programming error
A bug has been discovered in several packages that execute the setuid system call without checking for success when trying to drop privileges, which may fail with some PAM configurations. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
[SECURITY] [DSA 1180-1] New bomberclone packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1180-1 [email protected] http://www.debian.org/security/ Martin Schulze September 19th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1179-1] New alsaplayer packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1179-1 [email protected] http://www.debian.org/security/ Martin Schulze September 19th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1177-1] New usermin packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1177-1 [email protected] http://www.debian.org/security/ Martin Schulze September 15th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure
-------------------------------------------------------------------------- Debian Security Advisory DSA 1176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1172-1] New bind9 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1172-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1164-1] New sendmail packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1164-1 [email protected] http://www.debian.org/security/ Noah Meyerhans August 31st, 2006 http://www.debian.org/security/faq -...
DSA-1164 sendmail - programming error
Bulletin has no description...
[Full-disclosure] [SECURITY] [DSA 1163-1] New gtetrinet packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1163-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1155-1] New sendmail packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1155-1 [email protected] http://www.debian.org/security/ Martin Schulze August 24th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1150-1] New shadow packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1150-1 [email protected] http://www.debian.org/security/ Martin Schulze August 12th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1143-1] New dhcp packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1143-1 [email protected] http://www.debian.org/security/ Martin Schulze August 4th, 2006 http://www.debian.org/security/faq -...