Debian DSA-1060-1 : kernel-patch-vserver - programming error

Jan Rekorajski discovered that the kernel patch for virtual private servers does not limit context capabilities to the root user within the virtual server, which might lead to privilege escalation for some virtual server specific operations. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

Debian DSA-1092-1 : mysql-dfsg-4.1 - programming error

Josh Berkus and Tom Lane discovered that MySQL 4.1, a popular SQL database, incorrectly parses a string escaped with mysqlrealescape which could lead to SQL injection. This problem does only exist in versions 4.1 and 5.0. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

Debian DSA-1106-1 : ppp - programming error

Marcus Meissner discovered that the winbind plugin in pppd does not check whether a setuid call has been successful when trying to drop privileges, which may fail with some PAM configurations. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Debian DSA-879-1 : gallery - programming error

A bug in gallery has been discovered that grants all registrated postnuke users full access to the gallery. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-879. The text itself is copyrigh...

Debian DSA-1075-1 : awstats - programming error

Hendrik Weimer discovered that awstats can execute arbitrary commands under the user id the web-server runs when users are allowed to supply arbitrary configuration files. Even though, this bug was referenced in DSA 1058 accidentally, it was not fixed yet. The new default behaviour is not to acce...

Debian DSA-889-1 : enigmail - programming error

Hadmut Danish discovered a bug in enigmail, GPG support for Mozilla MailNews and Mozilla Thunderbird, that can lead to the encryption of mail with the wrong public key, hence, potential disclosure of confidential data to others. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

Debian DSA-1028-1 : libimager-perl - programming error

Kjetil Kjernsmo discovered a bug in libimager-perl, a Perl extension for generating 24 bit images, which can lead to a segmentation fault if it operates on 4-channel JPEG images. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Debian DSA-996-1 : libcrypt-cbc-perl - programming error

Lincoln Stein discovered that the Perl Crypt::CBC module produces weak ciphertext when used with block encryption algorithms with blocksize 8 bytes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

Debian DSA-1087-1 : postgresql - programming error

Several encoding problems have been discovered in PostgreSQL, a popular SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-2313 Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of invalidly-encoded multibyte text data...

Debian DSA-990-1 : bluez-hcidump - programming error

A denial of service condition has been discovered in bluez-hcidump, a utility that analyses Bluetooth HCI packets, which can be triggered remotely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

Debian DSA-1146-1 : krb5 - programming error

In certain application programs packaged in the MIT Kerberos 5 source distribution, calls to setuid and seteuid are not always checked for success and may fail with some PAM configurations. A local user could exploit one of these vulnerabilities to result in privilege escalation. No exploit code ...

Debian DSA-1090-1 : spamassassin - programming error

A vulnerability has been discovered in SpamAssassin, a Perl-based spam filter using text analysis, that can allow remote attackers to execute arbitrary commands. This problem only affects systems where spamd is reachable via the internet and used with vpopmail virtual users, via the '-v' /...

Debian DSA-993-2 : gnupg - programming error

Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, can be tricked to emit a 'good signature' status message when a valid signature is included which does not belong to the data packet. This update basically adds fixed packages for woody whose version turned out to b...

Debian DSA-898-1 : phpgroupware - programming errors

Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application that is included in phpgroupware. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-0870 Maksymilian Arciemowicz discovered several cross site scripti...

Debian DSA-1053-1 : mozilla - programming error

Martijn Wargers and Nick Mott described crashes of Mozilla due to the use of a deleted controller context. In theory this could be abused to execute malicious code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...

Debian DSA-895-1 : uim - programming error

Masanari Yamamoto discovered incorrect use of environment variables in uim, a flexible input method collection and library, that could lead to escalated privileges in setuid/setgid applications linked to libuim. Affected in Debian is at least mlterm. %NASLMINLEVEL 70300 C Tenable Network Security...

Debian DSA-1040-1 : gdm - programming error

A vulnerability has been identified in gdm, a display manager for X, that could allow a local attacker to gain elevated privileges by exploiting a race condition in the handling of the .ICEauthority file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...

Debian DSA-939-1 : fetchmail - programming error

Daniel Drake discovered a problem in fetchmail, an SSL enabled POP3, APOP, IMAP mail gatherer/forwarder, that can cause a crash when the program is running in multidrop mode and receives messages without headers. The old stable distribution woody does not seem to be affected by this problem...

Debian DSA-1172-1 : bind9 - programming error

Two vulnerabilities have been discovered in BIND9, the Berkeley Internet Name Domain server. The first relates to SIG query processing and the second relates to a condition that can trigger an INSIST failure, both lead to a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

Debian DSA-1109-1 : rssh - programming error

Russ Allbery discovered that rssh, a restricted shell, performs insufficient checking of incoming commands, which might lead to a bypass of access restrictions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...