all things security
Showing 76 - 100 of 3,283 RSS Feed

Files from Debian

Email addresssecurity at debian.org
First Active2003-09-13
Last Active2017-10-20
Debian Security Advisory 3848-1
Posted May 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3848-1 - Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help".

tags | advisory, shell
systems | linux, debian
advisories | CVE-2017-8386
MD5 | e60c0d507349db5ea9c6655ff7195174
Debian Security Advisory 3847-1
Posted May 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3847-1 - Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2016-10013, CVE-2016-10024, CVE-2016-9932, CVE-2017-7228
MD5 | 46b33a3c85b762ad3077f102ed02350f
Debian Security Advisory 3846-1
Posted May 9, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3846-1 - Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat file.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2017-6298, CVE-2017-6299, CVE-2017-6300, CVE-2017-6301, CVE-2017-6302, CVE-2017-6303, CVE-2017-6304, CVE-2017-6305, CVE-2017-6306, CVE-2017-6800, CVE-2017-6801, CVE-2017-6802
MD5 | 2a561b84e2c5f8d3b61e67fc790af1e4
Debian Security Advisory 3845-1
Posted May 9, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3845-1 - Guido Vranken discovered that incorrect memory management in libtirpc, a transport-independent RPC library used by rpcbind and other programs may result in denial of service via memory exhaustion (depending on memory management settings).

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2017-8779
MD5 | 62063a27984ce9c4d8b78c93b448de27
Debian Security Advisory 3843-1
Posted May 4, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3843-1 - Two vulnerabilities were discovered in tomcat8, a servlet and JSP engine.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-5647, CVE-2017-5648
MD5 | a74610a9b71da0352fc16dd4e10856b5
Debian Security Advisory 3842-1
Posted May 4, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3842-1 - Two vulnerabilities were discovered in tomcat7, a servlet and JSP engine.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-5647, CVE-2017-5648
MD5 | a5d0daeda94d8592069f77f40223c30e
Debian Security Advisory 3838-1
Posted Apr 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3838-1 - Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-10219, CVE-2016-10220, CVE-2017-5951, CVE-2017-7207, CVE-2017-8291
MD5 | c3ad9f6743b40507b3e3766e84c5eb21
Debian Security Advisory 3836-1
Posted Apr 27, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3836-1 - It was discovered that weechat, a fast and light chat client, is prone to a buffer overflow vulnerability in the IRC plugin, allowing a remote attacker to cause a denial-of-service by sending a specially crafted filename via DCC.

tags | advisory, remote, overflow
systems | linux, debian
advisories | CVE-2017-8073
MD5 | c8834003029c854d876903fadae5e0e7
Debian Security Advisory 3834-1
Posted Apr 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3834-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.55, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-3302, CVE-2017-3305, CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3453, CVE-2017-3456, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3600
MD5 | 8f751a9db7d285ea320ff93835b91662
Debian Security Advisory 3833-1
Posted Apr 25, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3833-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2016-9821, CVE-2016-9822
MD5 | ce2eb0b882c96fe6fe51ba0aa73ae3f9
Debian Security Advisory 3831-1
Posted Apr 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3831-1 - Multiple security issues have been found in the Mozilla Firefox web overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, web, denial of service, overflow, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2017-5429, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469
MD5 | e8e4d6d84d9ead16c475d109c46cf94a
Debian Security Advisory 3829-1
Posted Apr 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3829-1 - Quan Nguyen discovered that a missing boundary check in the Galois/Counter mode implementation of Bouncy Castle (a Java implementation of cryptographic algorithms) may result in information disclosure.

tags | advisory, java, info disclosure
systems | linux, debian
advisories | CVE-2015-6644
MD5 | 5b2346ba75dd84fce5a3d0e0ac8f0595
Debian Security Advisory 3827-1
Posted Apr 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3827-1 - Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-10249, CVE-2016-10251, CVE-2016-9591
MD5 | 428c6fff9870de5679cdb5b08dc438da
Debian Security Advisory 3826-1
Posted Apr 5, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3826-1 - It was discovered that the original patch to address CVE-2016-1242 did not cover all cases, which may result in information disclosure of file contents.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2017-0360
MD5 | 85f53a5e97ba0ea42d32b9366dbdf293
Debian Security Advisory 3824-1
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3824-1 - George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions (UDF), thus allowing remote authenticated users to execute arbitrary code on the firebird server.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2017-6369
MD5 | a903fa771ede3f94a6d8411f77b8cc7c
Debian Security Advisory 3798-2
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3798-2 - DSA-3798-1 for tnef introduced a regression that caused crashes on some attachments.

tags | advisory
systems | linux, debian
MD5 | 260283bf449b761e5d5aeb62df159960
Debian Security Advisory 3823-1
Posted Mar 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3823-1 - Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid() and setgid() when dropping privileges.

tags | advisory
systems | linux, debian
advisories | CVE-2017-6964
MD5 | b8e0744c8807ec40d400e1b3b7a20c1d
Debian Security Advisory 3821-1
Posted Mar 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3821-1 - Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-5846, CVE-2017-5847
MD5 | 48c846bac8318eb8125acb83197bc479
Debian Security Advisory 3817-1
Posted Mar 24, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3817-1 - Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2016-9601
MD5 | b53193f5cbde7f39e04e95f14d8d45dd
Debian Security Advisory 3816-1
Posted Mar 23, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3816-1 - Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploiting a symlink race to access areas of the server file system not exported under a share definition.

tags | advisory
systems | linux, unix, debian
advisories | CVE-2017-2619
MD5 | 3fe3acbad5b20184c59b50c18e61f4bc
Debian Security Advisory 3796-2
Posted Mar 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3796-2 - CVE-2016-8743 meant being more stringent when dealing with whitespace patterns in HTTP requests, and that change broke the upload tool of sitesummary-client.

tags | advisory, web
systems | linux, debian
MD5 | ca35fd6bcd152ceab7d1f1349190a461
Debian Security Advisory 3813-1
Posted Mar 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3813-1 - Cory Duplantis discovered a buffer overflow in the R programming language. A malformed encoding file may lead to the execution of arbitrary code during PDF generation.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-8714
MD5 | d46b1c652380cdb079c70974b82456ab
Debian Security Advisory 3812-1
Posted Mar 18, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3812-1 - It was discovered that ioquake3, a modified version of the ioQuake3 game engine performs insufficient restrictions on automatically downloaded content (pk3 files or game code), which allows malicious game servers to modify configuration settings including driver settings.

tags | advisory
systems | linux, debian
advisories | CVE-2017-6903
MD5 | 7ac8ab7a715703fa2740a5a16e1477b7
Debian Security Advisory 3811-1
Posted Mar 18, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3811-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for ASTERIX , DHCPv6, NetScaler, LDSS, IAX2, WSP, K12 and STANAG 4607, that could lead to various crashes, denial-of-service or execution of arbitrary code.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2017-5596, CVE-2017-5597, CVE-2017-6014, CVE-2017-6467, CVE-2017-6468, CVE-2017-6469, CVE-2017-6470, CVE-2017-6471, CVE-2017-6472, CVE-2017-6473, CVE-2017-6474
MD5 | 5feeb85ab0ea1e4b8ba0f32e277eeab3
Debian Security Advisory 3808-1
Posted Mar 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3808-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TGA, Sun or PSD files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-6498, CVE-2017-6499, CVE-2017-6500
MD5 | 1fb7876bf3e53545d1d4181d56a853c7
Page 4 of 132
Back23456Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close