[SECURITY] [DSA 815-1] New kdebase packages fix local root vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 815-1 [email protected] http://www.debian.org/security/ Martin Schulze September 16th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 815-1] New kdebase packages fix local root vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 815-1 [email protected] http://www.debian.org/security/ Martin Schulze September 16th, 2005 http://www.debian.org/security/faq -...

DSA-815-1 kdebase - programming error

Bulletin has no description...

[SECURITY] [DSA 803-1] New Apache packages fix HTTP request smuggling

-------------------------------------------------------------------------- Debian Security Advisory DSA 803-1 [email protected] http://www.debian.org/security/ Martin Schulze September 8th, 2005 http://www.debian.org/security/faq -...

Debian DSA-801-1 : ntp - programming error

SuSE developers discovered that ntp confuses the given group id with the group id of the given user when called with a group id on the commandline that is specified as a string and not as a numeric gid, which causes ntpd to run with different privileges than intended. %NASLMINLEVEL 70300 C Tenabl...

Debian DSA-790-1 : phpldapadmin - programming error

Alexander Gerasiov discovered that phpldapadmin, a web-based interface for administering LDAP servers, allows anybody to access the LDAP server anonymously, even if this is disabled in the configuration with the 'disableanonbind' statement. The old stable distribution woody is not vulnerable to...

Debian DSA-794-1 : polygen - programming error

Justin Rye noticed that polygen generates precompiled grammar objects world-writable, which can be exploited by a local attacker to at least fill up the filesystem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...

[SECURITY] [DSA 801-1] New ntp packages fix group id confusion

-------------------------------------------------------------------------- Debian Security Advisory DSA 801-1 [email protected] http://www.debian.org/security/ Martin Schulze September 5th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 801-1] New ntp packages fix group id confusion

-------------------------------------------------------------------------- Debian Security Advisory DSA 801-1 [email protected] http://www.debian.org/security/ Martin Schulze September 5th, 2005 http://www.debian.org/security/faq -...

DSA-801-1 ntp - programming error

Bulletin has no description...

[SECURITY] [DSA 794-1] New polygen packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ -- Debian Security Advisory DSA 794-1 security at debian dot org email concealed http://www.debian.org/security/ Martin Schulze September 1st, 2005...

[SECURITY] [DSA 794-1] New polygen packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 794-1 [email protected] http://www.debian.org/security/ Martin Schulze September 1st, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 794-1] New polygen packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 794-1 [email protected] http://www.debian.org/security/ Martin Schulze September 1st, 2005 http://www.debian.org/security/faq -...

Debian DSA-784-1 : courier - programming error

A problem has been discovered in the Courier Mail Server. DNS failures were not handled properly when looking up Sender Policy Framework SPF records, which could allow attackers to cause memory corruption. The default configuration on Debian has SPF checking disabled, so most machines are not...

DSA-790-1 phpldapadmin - programming error

Bulletin has no description...

[SECURITY] [DSA 784-1] New courier packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 784-1 [email protected] http://www.debian.org/security/ Martin Schulze August 25th, 2005 http://www.debian.org/security/faq -...

Microsoft Security Bulletin MS05-040 Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)

Microsoft Security Bulletin MS05-040 Vulnerability in Telephony Service Could Allow Remote Code Execution 893756 Issued: August 9, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

FreeBSD : Cyrus IMAPd -- APPEND command uses undefined programming construct (31952117-3d17-11d9-8818-008088034841)

To support MULTIAPPENDS the cmdappend handler uses the global stage array. This array is one of the things that gets destructed when the fatal function is triggered. When the Cyrus IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination...

FreeBSD : Apache 1.3 IP address access control failure on some 64-bit platforms (09d418db-70fd-11d8-873f-0020ed76ef5a)

Henning Brauer discovered a programming error in Apache 1.3's modaccess that results in the netmasks in IP address access control rules being interpreted incorrectly on 64-bit, big-endian platforms. In some cases, this could cause a deny from' IP address access control rule including a netmask to...

Debian DSA-744-1 : fuse - programming error

Sven Tantau discovered a security problem in fuse, a filesystem in userspace, that can be exploited by malicious, local users to disclose potentially sensitive information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...