4971 matches found
Debian DSA-1482-1 : squid - programming error
It was discovered that malformed cache update replies against the Squid WWW proxy cache could lead to the exhaustion of system memory, resulting in potential denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...
[SECURITY] [DSA 1482-1] New squid packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1482-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 05, 2008 http://www.debian.org/security/faq -...
DSA-1482-1 squid - programming error
Bulletin has no description...
Debian DSA-1476-1 : pulseaudio - programming error
Marcus Meissner discovered that the PulseAudio sound server performed insufficient checks when dropping privileges, which could lead to local privilege escalation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debia...
Debian DSA-1465-2 : apt-listchanges - programming error
Felipe Sateler discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. This could allow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to...
[SECURITY] [DSA 1465-1] New apt-listchanges packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1465-1 [email protected] http://www.debian.org/security/ Steve Kemp January 17, 2008 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1164-1 (sendmail)
The remote host is missing an update to sendmail announced via advisory DSA 1164-1. A programming error has been discovered in sendmail, an alternative mail transport agent for Debian, that could allow a remote attacker to crash the sendmail process by sending a specially crafted email message...
Debian: Security Advisory (DSA-927-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1288-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1288-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1465-2] New apt-listchanges packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1465-2 [email protected] http://www.debian.org/security/ Steve Kemp January 17, 2008 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 1358-1 (asterisk)
The remote host is missing an update to asterisk announced via advisory DSA 1358-1. OpenVAS Vulnerability Test $Id: deb13581.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1358-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1365-1 (id3lib3.8.3)
The remote host is missing an update to id3lib3.8.3 announced via advisory DSA 1365-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Debian DSA-1458-1 : openafs - programming error
A race condition in the OpenAFS fileserver allows remote attackers to cause a denial of service daemon crash by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the hostglock lock...
Debian DSA-1456-1 : fail2ban - programming error
Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
Debian DSA-1457-1 : dovecot - programming error
It was discovered that Dovecot, a POP3 and IMAP server, only when used Remark: 'base' refers to a variable?! and should not contain something as base = %r! with LDAP authentication and 'base' contains variables, could allow a user to log in to the account of another user with the same password...
Debian DSA-1449-1 : loop-aes-utils - programming error
It was discovered that loop-aes-utils, tools for mounting and manipulating filesystems, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges. %NASLMINLEVEL 70300 C Tenable...
Debian DSA-1450-1 : util-linux - programming error
It was discovered that util-linux, miscellaneous system utilities, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
[SECURITY] [DSA 1450-1] New util-linux packages fix programming error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1450-1 [email protected] http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1449-1 [email protected] http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq -...