accept no compromises
Showing 51 - 75 of 3,281 RSS Feed

Files from Debian

Email addresssecurity at debian.org
First Active2003-09-13
Last Active2017-10-16
Debian Security Advisory 3886-2
Posted Jun 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3886-2 - The security update announced as DSA-3886-1 caused regressions for some applications using Java - including jsvc, LibreOffice and Scilab - due to the fix for CVE-2017-1000364. Updated packages are now available to correct this issue.

tags | advisory, java
systems | linux, debian
MD5 | 3255a76fe0614a8ebe91cede0fc3a48f
Debian Security Advisory 3899-1
Posted Jun 27, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3899-1 - Several vulnerabilities have been found in VLC, the VideoLAN project's media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-8310, CVE-2017-8311, CVE-2017-8312, CVE-2017-8313
MD5 | a1d34c086e8bc1a03303567e05276337
Debian Security Advisory 3893-1
Posted Jun 22, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3893-1 - Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer.

tags | advisory, java, arbitrary, code execution, python
systems | linux, debian
advisories | CVE-2016-4000
MD5 | b8ba5a4ab403058f5b4a58ef979ff381
Debian Security Advisory 3890-1
Posted Jun 21, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3890-1 - Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field. An unauthenticated attacker can take advantage of this flaw to cause remote code execution.

tags | advisory, remote, web, code execution
systems | linux, debian
advisories | CVE-2017-9736
MD5 | 82f7dc777ed288bd4614a107d13dbf01
Debian Security Advisory 3886-1
Posted Jun 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3886-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2017-0605, CVE-2017-1000364, CVE-2017-7487, CVE-2017-7645, CVE-2017-7895, CVE-2017-8064, CVE-2017-8890, CVE-2017-8924, CVE-2017-8925, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
MD5 | 7ba642cce9cb63e641f1c54ff2f0b5a2
Debian Security Advisory 3887-1
Posted Jun 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3887-1 - The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack.

tags | advisory, local
systems | linux, debian
advisories | CVE-2017-1000366
MD5 | 0e67c7586caaf0743100d67a304537cb
Debian Security Advisory 3882-1
Posted Jun 16, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3882-1 - Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-6127, CVE-2017-5361, CVE-2017-5943, CVE-2017-5944
MD5 | 80b18128a471826de3f12427b008b450
Debian Security Advisory 3881-1
Posted Jun 15, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3881-1 - Several security issues have been found in the Mozilla Firefox web and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing.

tags | advisory, web, denial of service, arbitrary, spoof
systems | linux, debian
advisories | CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764, CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778
MD5 | 66a9fa3e07bdc4c6bfc06da38753d483
Debian Security Advisory 3880-1
Posted Jun 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3880-1 - It was discovered that a side channel attack in the EdDSA session key handling in Libgcrypt may result in information disclosure.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2017-9526
MD5 | 8171c625f6e81ca504335f56b54b7a5b
Debian Security Advisory 3877-1
Posted Jun 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3877-1 - It has been discovered that Tor, a connection-based low-latency anonymous communication system, contain a flaw in the hidden service code when receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. A remote attacker can take advantage of this flaw to cause a hidden service to crash with an assertion failure (TROVE-2017-005).

tags | advisory, remote
systems | linux, debian
advisories | CVE-2017-0376
MD5 | 1e476c829efc322f92c73aebf558c5d8
Debian Security Advisory 3876-1
Posted Jun 9, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3876-1 - Joerg-Thomas Vogt discovered that the SecureMode was insufficiently validated in the OTRS ticket system, which could allow agents to escalate their privileges.

tags | advisory
systems | linux, debian
advisories | CVE-2017-9324
MD5 | 1a3f9bd0439566fcdca096177a335993
Debian Security Advisory 3875-1
Posted Jun 9, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3875-1 - It was discovered that a buffer overflow in libmwaw, a library to open old Mac text documents might result in the execution of arbitrary code if a malformed document is opened.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2017-9433
MD5 | f854e3e767281285277d9734e10d3046
Debian Security Advisory 3873-1
Posted Jun 5, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3873-1 - The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to a attacker-chosen value.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2017-6512
MD5 | 599f343c6f8c0a3ef16c7eb1a857ccb8
Debian Security Advisory 3870-1
Posted Jun 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3870-1 - Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks.

tags | advisory, remote, web, vulnerability, xss, csrf
systems | linux, debian
advisories | CVE-2017-8295, CVE-2017-9061, CVE-2017-9062, CVE-2017-9063, CVE-2017-9064, CVE-2017-9065
MD5 | 34393add3f849a2fcd80e1d68c82c1e4
Debian Security Advisory 3869-1
Posted Jun 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3869-1 - It was discovered that tnef, a tool used to unpack MIME attachments of type "application/ms-tnef", did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash.

tags | advisory
systems | linux, debian
advisories | CVE-2017-8911
MD5 | 848a841d92659d1280501049cf8e0e33
Debian Security Advisory 3867-1
Posted May 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3867-1 - The Qualys Security team discovered that sudo, a program designed to provide limited super user privileges to specific users, does not properly parse "/proc/[pid]/stat" to read the device number of the tty from field 7 (tty_nr). A sudoers user can take advantage of this flaw on an SELinux-enabled system to obtain full root privileges.

tags | advisory, root
systems | linux, debian
advisories | CVE-2017-1000367
MD5 | 11c5b86698e660269acf2d0a6591dfa5
Debian Security Advisory 3866-1
Posted May 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3866-1 - Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2017-9022, CVE-2017-9023
MD5 | e141168c88faa0836967ffd625995f62
Debian Security Advisory 3865-1
Posted May 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3865-1 - It was discovered that pattern-based ACLs in the Mosquitto MQTT broker could be bypassed.

tags | advisory
systems | linux, debian
advisories | CVE-2017-7650
MD5 | 9f2b79dd70fc502769aa1cebfdde6ba6
Debian Security Advisory 3863-1
Posted May 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3863-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-7606, CVE-2017-7619, CVE-2017-7941, CVE-2017-7943, CVE-2017-8343, CVE-2017-8344, CVE-2017-8345, CVE-2017-8346, CVE-2017-8347, CVE-2017-8348, CVE-2017-8349, CVE-2017-8350, CVE-2017-8351, CVE-2017-8352, CVE-2017-8353, CVE-2017-8354, CVE-2017-8355, CVE-2017-8356, CVE-2017-8357, CVE-2017-8765, CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142, CVE-2017-9143, CVE-2017-9144
MD5 | 831630db52280259529474c6046a1b5d
Debian Security Advisory 3861-1
Posted May 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3861-1 - Jakub Jirasek of Secunia Research discovered that libtasn1, a library used to handle Abstract Syntax Notation One structures, did not properly validate its input. This would allow an attacker to cause a crash by denial-of-service, or potentially execute arbitrary code, by tricking a user into processing a maliciously crafted assignments file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-6891
MD5 | 788c0ad49d20fd8197c64ffb108a18ec
Debian Security Advisory 3858-1
Posted May 22, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3858-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in privilege escalation, denial of service, newline injection in SMTP or use of insecure cryptography.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
MD5 | f12bcb568bbff004f7da1df6275f79b1
Debian Security Advisory 3856-1
Posted May 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3856-1 - Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).

tags | advisory, web, vulnerability, csrf
systems | linux, debian
advisories | CVE-2017-7178, CVE-2017-9031
MD5 | 94c93fe733d629e34296312a84e22a5f
Debian Security Advisory 3853-1
Posted May 15, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3853-1 - It was discovered that bitlbee, an IRC to other chat networks gateway, contained issues that allowed a remote attacker to cause a denial of service (via application crash), or potentially execute arbitrary commands.

tags | advisory, remote, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2016-10188, CVE-2016-10189
MD5 | 4e8ffd7f45d31432493f35cc0424ce80
Debian Security Advisory 3848-1
Posted May 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3848-1 - Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help".

tags | advisory, shell
systems | linux, debian
advisories | CVE-2017-8386
MD5 | e60c0d507349db5ea9c6655ff7195174
Debian Security Advisory 3847-1
Posted May 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3847-1 - Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2016-10013, CVE-2016-10024, CVE-2016-9932, CVE-2017-7228
MD5 | 46b33a3c85b762ad3077f102ed02350f
Page 3 of 132
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close