Twenty Year Anniversary
Showing 1 - 25 of 3,532 RSS Feed

Files from Debian

Email addresssecurity at debian.org
First Active2003-09-13
Last Active2018-09-21
Debian Security Advisory 4298-1
Posted Sep 21, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4298-1 - Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing input sanitising in the Hylafax fax software could potentially result in the execution of arbitrary code via a malformed fax message.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-17141
MD5 | 16d9fa9dc1088373f349597c035aafba
Debian Security Advisory 4297-1
Posted Sep 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4297-1 - Two vulnerabilities have been discovered in the chromium web browser. Kevin Cheung discovered an error in the WebAssembly implementation and evil1m0 discovered a URL spoofing issue.

tags | advisory, web, spoof, vulnerability
systems | linux, debian
MD5 | 4f8d322b2d6ea29707a0439ed5b41706
Debian Security Advisory 4296-1
Posted Sep 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4296-1 - Two vulnerabilities were discovered in mbedtls, a lightweight crypto and SSL/TLS library which could result in plain text recovery via side-channel attacks.

tags | advisory, crypto, vulnerability
systems | linux, debian
advisories | CVE-2018-0497, CVE-2018-0498
MD5 | 59293157a0f21f3228071e876b5a0988
Debian Security Advisory 4295-1
Posted Sep 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4295-1 - safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-12361, CVE-2018-12367, CVE-2018-12371, CVE-2018-5156, CVE-2018-5187
MD5 | c01b31084c3ffcfaf809a853f36ca1f8
Debian Security Advisory 4294-1
Posted Sep 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4294-1 - Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-16509, CVE-2018-16802
MD5 | 5536e1e864054d6f82660441d74f9e19
Debian Security Advisory 4293-1
Posted Sep 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4293-1 - Several heap buffer overflows were found in discount, an implementation of the Markdown markup language, that could be triggered witth specially crafted Markdown data and would cause discount to read past the end of internal buffers.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2018-11468, CVE-2018-11503, CVE-2018-11504, CVE-2018-12495
MD5 | 4421b9685d73866006c16d1c98ab0cb1
Debian Security Advisory 4273-2
Posted Sep 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4273-2 - This update ships updated CPU microcode for additional models of Intel CPUs which were not yet covered by the Intel microcode update released as DSA-4273-1 (and thus provides SSBD support (needed to address "Spectre v4") and fixes for "Spectre v3a")).

tags | advisory
systems | linux, debian
advisories | CVE-2018-3639, CVE-2018-3640
MD5 | 8d3bff6c7eba959568a9bbd92b2ec137
Debian Security Advisory 4292-1
Posted Sep 13, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4292-1 - Henning Westerholt discovered a flaw related to the Via header processing in kamailio, a very fast, dynamic and configurable SIP server. An unauthenticated attacker can take advantage of this flaw to mount a denial of service attack via a specially crafted SIP message with an invalid Via header.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2018-16657
MD5 | 07fdefb37bbfd74dba449492e9ff5d87
Debian Security Advisory 4291-1
Posted Sep 13, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4291-1 - Two input sanitization failures have been found in the faxrunq and faxq binaries in mgetty, a smart modem getty replacement. An attacker could leverage them to insert commands via shell metacharacters in jobs id and have them executed with the privilege of the faxrunq/faxq user.

tags | advisory, shell
systems | linux, debian
advisories | CVE-2018-16741
MD5 | be0cb8e6db32850d296d214e389adee1
Debian Security Advisory 4290-1
Posted Sep 11, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4290-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-14346, CVE-2018-14347, CVE-2018-16430
MD5 | 95ada67ea55021facccf6ed6bd2c100d
Debian Security Advisory 4289-1
Posted Sep 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4289-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-16065, CVE-2018-16066, CVE-2018-16067, CVE-2018-16068, CVE-2018-16069, CVE-2018-16070, CVE-2018-16071, CVE-2018-16073, CVE-2018-16074, CVE-2018-16075, CVE-2018-16076, CVE-2018-16077, CVE-2018-16078, CVE-2018-16079, CVE-2018-16080, CVE-2018-16081, CVE-2018-16082, CVE-2018-16083, CVE-2018-16084, CVE-2018-16085
MD5 | 432b3a7c247732970055d96ca8d676d1
Debian Security Advisory 4288-1
Posted Sep 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4288-1 - Tavis Ormandy discovered multiple vulnerabilities in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-15908, CVE-2018-15910, CVE-2018-15911, CVE-2018-16511, CVE-2018-16513, CVE-2018-16539, CVE-2018-16540, CVE-2018-16541, CVE-2018-16542, CVE-2018-16543, CVE-2018-16585
MD5 | 10e2c7e46f6ca39a6c5ea6ea84540da4
Debian Security Advisory 4287-1
Posted Sep 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4287-1 - Several security issues have been found in the Mozilla Firefox web the execution of arbitrary code or denial of service.

tags | advisory, web, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-12376, CVE-2018-12377, CVE-2018-12378
MD5 | 8c534446d24d294adfa45680fe616452
Debian Security Advisory 4286-1
Posted Sep 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2018-14618
MD5 | 1c2a320358f153133062444a0f5d9c7f
Debian Security Advisory 4285-1
Posted Sep 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4285-1 - Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa user or owner view list config files even if edit_list.conf prohibits it.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-1000550
MD5 | 481d44583b29fd54725773edff3d4d40
Debian Security Advisory 4284-1
Posted Sep 5, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4284-1 - Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2018-16435
MD5 | 11062157fe2f39797ae7b831b3ea166c
Debian Security Advisory 4283-1
Posted Sep 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4283-1 - It was discovered that ruby-json-jwt, a Ruby implementation of JSON web tokens performed insufficient validation of GCM auth tags.

tags | advisory, web, ruby
systems | linux, debian
advisories | CVE-2018-1000539
MD5 | 6c807bab6935c80577431de085fea133
Debian Security Advisory 4282-1
Posted Sep 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4282-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, cache poisoning or information disclosure.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2018-1318, CVE-2018-8004, CVE-2018-8005, CVE-2018-8040
MD5 | 9d6a9c8fd94e07d03970ae36dfdb1c0c
Debian Security Advisory 4281-1
Posted Aug 29, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4281-1 - Several issues were discovered in the Tomcat servlet and JSP engine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.

tags | advisory
systems | linux, debian
advisories | CVE-2018-1304, CVE-2018-1305, CVE-2018-1336, CVE-2018-8034, CVE-2018-8037
MD5 | 618cacbcabcb734a39fc3a1dc8ca8cc4
Debian Security Advisory 4279-2
Posted Aug 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4279-2 - The security update announced as DSA 4279-1 caused regressions on the ARM architectures (boot failures on some systems). Updated packages are now available to correct this issue.

tags | advisory
systems | linux, debian
MD5 | d31fe2c227fe96156e6d0e10d7321180
Debian Security Advisory 4280-1
Posted Aug 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4280-1 - Dariusz Tytko, Michal Sajdak and Qualys Security discovered that OpenSSH, an implementation of the SSH protocol suite, was prone to a user enumeration vulnerability. This would allow a remote attacker to check whether a specific user account existed on the target server.

tags | advisory, remote, protocol
systems | linux, debian
advisories | CVE-2018-15473
MD5 | 3d0963b28013c21571d9d2aa7eafa911
Debian Security Advisory 4279-1
Posted Aug 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4279-1 - Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary (non-user controlled) addresses, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory.

tags | advisory, arbitrary, kernel
systems | linux, debian
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | aab9fef60b5c6ccfcb3e7fcbbcf56798
Debian Security Advisory 4278-1
Posted Aug 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4278-1 - Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in HTTP request smuggling.

tags | advisory, java, web, vulnerability
systems | linux, debian
advisories | CVE-2017-7656, CVE-2017-7657, CVE-2017-7658
MD5 | a5a121578714bc50afb58a659094d9e1
Debian Security Advisory 4277-1
Posted Aug 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4277-1 - Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code execution, denial of service or information disclosure when connecting to a malicious mail/NNTP server.

tags | advisory, denial of service, vulnerability, code execution, info disclosure
systems | linux, debian
advisories | CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14360, CVE-2018-14361, CVE-2018-14362, CVE-2018-14363
MD5 | 3e9239fe6879deb1579bbbf60a15ee7b
Debian Security Advisory 4276-1
Posted Aug 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4276-1 - Fariskhi Vidyan and Thomas Jarosch discovered several vulnerabilities in php-horde-image, the image processing library for the Horde groupware suite. They would allow an attacker to cause a denial-of-service or execute arbitrary code.

tags | advisory, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2017-14650, CVE-2017-9773, CVE-2017-9774
MD5 | 84275deef406d84c7f82d6c07a2ae031
Page 1 of 142
Back12345Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close