Debian Security Advisory DSA-018-1 - A heap overflow has been found in tinyproxy which allows remote attackers to execute commands as user nobody.
3e98c0d1d4f6e1198e269a03fda51327e5cf2860834b0eba1615ed91b1d083fd
Debian Security Advisory - There is a problem in the way gpg checks detached signatures which can lead to false positives. Also it was discovered that gpg would import secret keys from key-servers, circumventing the web of trust. GnuPG homepage here.
5d14e9537651bbc63698a8574da5f9f191cba27896ffb7f45b4cb6d6b2e12a34
Debian Security Advisory - Stunnel has a format string vulnerability, random number problems, symlink vulnerabilities, and insecure syslog() calls. These are fixed in v3.10.
7c5528d13465844144c14d93e5020787edccc35ed0557d62e4572c41da757e91
Debian Security Advisory - Dialog creates lock files insecurely, making it susceptible to a symlink attack.
0e1a4dfce47304b778ad0b42e62db3dd738036c36bdf2773a246d1ef9a82e135
Debian Security Advisory - A bug in the database reading code of slocate makes possible to overwrite a internal structure with some input. This can be used to trick slocate into executing arbitrary code by pointing it to a carefully crafted database. This is fixed in slocate v2.4.
24e59b5dc48649f6a9258edf08a87a8b7537a1b2ddb866b04b56715dceb03bcb
Debian Security Advisory - The problem that was previously reported for joe also occurs with other editors. When nano (a free pico clone) unexpectedly dies it tries a warning message to a new file with a predictable name. Unfortunately that file was not created safely which made nano vulnerable to a symlink attack. This has been fixed in version 0.9.23-1 (except for powerpc, which has version 0.9.23-1.1).
6cf26c8a6c9303180c410ab4dc3cda34443b39eec2c11bf8bd3908081f04eff4
Debian Security Advisory - Hacksware reported a buffer overflow in the AFS packet parsing code in ethereal. Gerald Combs then found more overflows in the netbios and ntp decoding logic as well. An attacker can exploit those overflows by sending carefully crafted packets to a network that is being monitored by ethereal. This has been fixed in version 0.8.0-2potato and we recommend you upgrade your ethereal package immediately.
93f50aa785393b7baef6130cf1a2d807b98f2636af7cc8700005d24144d768a7
Debian Security Advisory - When joe (Joe's Own Editor) dies due to a signal instead of a normal exit it saves a list of the files it is editing to a file called DEADJOE in its current directory. Unfortunately this wasn't done safely which made joe vulnerable to a symlink attack.
2cc7835cff6b7eee83067241ec14569c45c3f9da7e897fdc6df2e25ceaaf4078
Debian Security Advisory - Fsh, a tool to run remote commands over ssh, has a tempfile vulnerability which has been fixed in version 1.0.post.1-3potato.
77a600041d29c2f51518dfb8465750aa716fde0d1a7e44b1f2c1f82ae4315ed7
Debian Security Advisory - GNU ed (the classic line editor tool) does not use temp files safely. This has been fixed in version 0.2-18.1.
de73eac3bb5038d499dda4eb013fca17699e19ae8aee81a35ef379ea784bf3b8
Debian Security Advisory - ghostscript uses temporary files to do some of its work. Unfortunately the method used to create those files wasn't secure: mktemp was used to create a name for a temporary file, but the file was not opened safely. A second problem is that during build the LD_RUN_PATH environment variable was set to the empty string, which causes the dynamic linker to look in the current directory for shared libraries.
79e8f4b60426ccf8b03cea104e312f9beb7dcdab7ca25bfa2fa7e73c2e28d999
Debian Security Advisory - During internal source code auditing by FreeBSD several buffer overflows were found which allow an attacker to make tcpdump crash by sending carefully crafted packets to a network that is being monitored with tcpdump. This has been fixed in version 3.4a6-4.2.
981b5990cc1763ea7fa96ba1ea6c7d1929d17c49f3c800a820e0927f9e249b7f
Debian Security Advisory - The version of the ncurses display library shipped with Debian GNU/Linux 2.2 is vulnerable to several buffer overflows in the parsing of terminfo database files. The problems are only exploitable in the presence of setuid binaries linked to ncurses which use these particular functions, including xmcd versions before 2.5pl1-7.1.
336c3ce869efdf290246fbfd466b0f12bad351d1f302f870767531e91b7f3fc3
Debian Security Advisory - The Debian GNU/Linux xmcd package has historically installed two setuid helpers for accessing cddb databases and SCSI cdrom drives. More recently, the package offered the administrator the chance to remove these setuid flags, but did so incorrectly. A buffer overflow in ncurses, linked to the "cda" binary, allowed a root exploit. Fixed ncurses packages have been released, as well as fixed xmcd packages which do not install this binary with a setuid flag. The problem is fixed in xmcd 2.5pl1-7.1, and we recommend all users with xmcd installed upgrade to this release. You may need to add users of xmcd to the "audio" and "cdrom" groups in order for them to continue using xmcd.
8662a5a35e41d91673db0df0b3ae1f799f037290b1843aee1f582e633092e22e
Debian Security Advisory - A tempfile bug was discovered in elvis-tiny prior to v1.4-10 which does not exist in the full size elvis.
1f66bab352ccedb7d565e14b1ee161090ddf906a118e146282a369fa306c7ad2
Debian Security Advisory - A problem in the modprobe utility that can be exploited by local users to run arbitrary commands as root if the machine is running a kernel with kmod enabled has been discovered.
d440505b7831d45ecd78c04b42425473fb9fe116ba3afa8db1cd5a0a127e52a8
Debian Security Advisory - CUPS allows remote users to abuse print services.
4977a46d21f2a0e14563bee4ed0429b67dc83a2bc56fa7dc5b82bd15789138ff
Debian Security Advisory - The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to a local attack, discovered by Michal Zalewski. Several problems, including insecure permissions on temporary files and race conditions in their deletion, allowed attacks from a denial of service (preventing the editing of crontabs) to an escalation of privilege (when another user edited their crontab). As a temporary fix, "chmod go-rx /var/spool/cron/crontabs" prevents the only available exploit; however, it does not address the problem - upgrade is needed.
45066b5be833b8794dd17760df1ec1d6a414c23ede771168906f53a3c837a917
Debian Security Advisory - Versions of BIND prior to 8.2.2p7-1 are vulnerable to a denial of service attack which causes the nameserver to crash after accessing an uninitialized pointer.
536c3d922dd395eb83a854e077ee0dd94b4857e267412af555f3c2f9e9429050
Debian Security Advisory - A temp file vulnerability has been found in tcsh prior v6.09.00-10 when using the double less than (<<) input redirection. Arbitrary files can be overwritten as the user running tcsh.
7efe31e447b02b4297ead06096bfa7cf57646e9ba472def7f37c7302135e93cf
Debian Security Advisory - The version of gnupg that was distributed in Debian GNU/Linux 2.2 had a logic error in the code that checks for valid signatures which could cause false positive results: Jim Small discovered that if the input contained multiple signed sections the exit-code gnupg returned was only valid for the last section, so improperly signed other sections were not noticed.
7b580d993e3ec165324bdacb732286a9da8dc2bdb462656c7c2d9a32d750026b
Debian Security Advisory - In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server.
e031d1ac0242a6c7e919fe15518e47dc9411ec40b6e045152efdfb901bee5c15
Debian Security Advisory - In versions of the PHP 3 packages before version 3.0.17, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server, particularly if error logging was enabled.
dd9e1294b5f3f1834b54ecd3f83b50d6ee1121239f0aae1a9014b88f4d4ea474
The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems which have been fixed in version 3.5-2. We recommend you upgrade your nis package immediately. Debian security homepage here.
e31ce655c74265d1033cb65a4ab3ff5b2e5a6f8d377f54600b58b8ad993a51f2
Debian Security Advisory - The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code: when it created an error message it failed to check the size of the buffer allocated for storing the message. This could be exploited by the remote machine by returning an invalid response to a request from curl which overflows the error buffer and trick curl into executing arbitrary code.
b4546e53189726ce86a3b698d2a39926c6eabfb3a4c4ab5225418a919e65a44a