seeing is believing
Showing 101 - 125 of 5,301 RSS Feed

Operating System: Debian

Debian Security Advisory 3730-1
Posted Dec 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3730-1 - Multiple security issues have been found in Icedove, Debian's version of same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-9074, CVE-2016-9079
MD5 | e41e69a9ad1773d2c5ca46ebc73ecd5b
Debian Security Advisory 3725-1
Posted Nov 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3725-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-9911, CVE-2015-2632, CVE-2015-4844, CVE-2016-0494, CVE-2016-6293, CVE-2016-7415
MD5 | 999ff3a6c8613cc49e208b4bf2335876
Debian Security Advisory 3723-1
Posted Nov 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3723-1 - Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636
MD5 | 41b2db800799c9e0b3ed07575dd8bda8
Debian Security Advisory 3724-1
Posted Nov 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3724-1 - Chris Evans discovered that the GStreamer 0.10 plugin used to decode files in the FLIC format allowed execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636
MD5 | 7ed822789560e98d9da03a45c84ff9a9
Debian Security Advisory 3719-1
Posted Nov 21, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3719-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for DCERPC, AllJoyn, DTN, and OpenFlow, that could lead to various crashes, denial-of-service, or execution of arbitrary code.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9373, CVE-2016-9374, CVE-2016-9375, CVE-2016-9376
MD5 | 2cae2763705b25fc29e4a0ae7b57f87c
Debian Security Advisory 3716-1
Posted Nov 17, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3716-1 - Multiple security issues have been found in the Mozilla Firefox web implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. Also, a man-in-the-middle attack in the addon update mechanism has been fixed.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9064, CVE-2016-9066, CVE-2016-9074
MD5 | f8e78fc16f9cf46208bc2fb16cf34b76
Nginx Root Privilege Escalation
Posted Nov 16, 2016
Authored by Dawid Golunski

Nginx web server packaging on Debian-based distributions such as Debian or Ubuntu was found to create log directories with insecure permissions which can be exploited by malicious local attackers to escalate their privileges from nginx/web user (www-data) to root. The vulnerability could be easily exploited by attackers who have managed to compromise a web application hosted on Nginx server and gained access to www-data account as it would allow them to escalate their privileges further to root access and fully compromise the system. This is fixed in 1.6.2-5+deb8u3 package on Debian and 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS. UPDATE 2017/01/13 - nginx packages below version 1.10.2-r3 on Gentoo are also affected.

tags | exploit, web, local, root
systems | linux, debian, ubuntu
advisories | CVE-2016-1247
MD5 | a18720c4e6d5445fab2ac18439149c1f
Debian Security Advisory 3711-1
Posted Nov 14, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3711-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.28.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-3492, CVE-2016-5584, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6663, CVE-2016-7440, CVE-2016-8283
MD5 | 6845fee53b314cfd0815122a9207bb5e
Debian Security Advisory 3709-1
Posted Nov 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3709-1 - Nick Wellnhofer discovered that the xsltFormatNumberConversion function in libxslt, an XSLT processing runtime library, does not properly check for a zero byte terminating the pattern string. This flaw can be exploited to leak a couple of bytes after the buffer that holds the pattern string.

tags | advisory
systems | linux, debian
advisories | CVE-2016-4738
MD5 | 1c76275e9711740df6886faaaad81a81
Debian Security Advisory 3707-1
Posted Nov 8, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3707-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2016-5542, CVE-2016-5554, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597
MD5 | f1e5fb2ecc833c86bb5934b94ab05183
Debian Security Advisory 3691-2
Posted Oct 30, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3691-2 - The update for ghostscript issued as DSA-3691-1 caused regressions for certain Postscript document viewers (evince, zathura). Updated packages are now available to address this problem.

tags | advisory
systems | linux, debian
MD5 | cc59fbb6c1e2ab32f618db0aa4b39216
Debian Security Advisory 3701-2
Posted Oct 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3701-2 - The update for nginx issued as DSA-3701-1 to address CVE-2016-1247 introduced a packaging issue, which prevents nginx from being reinstalled or upgraded to a subsequent release. Updated packages are now available to address this problem.

tags | advisory
systems | linux, debian
MD5 | c605f5135166074169086752051aebda
Debian Security Advisory 3700-1
Posted Oct 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3700-1 - Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service or incorrect certificate validation.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2015-3008, CVE-2016-2232, CVE-2016-2316, CVE-2016-7551
MD5 | d9b34461cc7346ea4e2ee71ca5f7f222
Debian Security Advisory 3701-1
Posted Oct 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3701-1 - Dawid Golunski reported the nginx web server packages in Debian suffered from a privilege escalation vulnerability (www-data to root) due to the way log files are handled. This security update changes ownership of the /var/log/nginx directory root. In addition, /var/log/nginx has to be made accessible to local users, and local users may be able to read the log files themselves local until the next logrotate invocation.

tags | advisory, web, local, root
systems | linux, debian
advisories | CVE-2016-1247
MD5 | 3a4c5042c91c64ed49d9200c46b457f8
Debian Security Advisory 3698-1
Posted Oct 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3698-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
MD5 | fadde7639490be1421c4c3c69fde17d9
Debian Security Advisory 3695-1
Posted Oct 19, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3695-1 - It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2016-1245
MD5 | df75dc0d6b549eea8e08cb12066b3804
Debian Security Advisory 3694-1
Posted Oct 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3694-1 - It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority.

tags | advisory, remote
systems | linux, debian
MD5 | 24eb0282b20a4a763535cdd4aa55adf3
Debian Security Advisory 3693-1
Posted Oct 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3693-1 - Multiple vulnerabilities have been discovered in the GD Graphics Library, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-7568
MD5 | c72ae7abba5fc5686d76eb807727506b
Debian Security Advisory 3688-1
Posted Oct 6, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3688-1 - Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-4000, CVE-2015-7181, CVE-2015-7182, CVE-2015-7575, CVE-2016-1938, CVE-2016-1950, CVE-2016-1978, CVE-2016-1979, CVE-2016-2834
MD5 | f4619e3053851042cc54a6396eebc199
Debian Security Advisory 3687-1
Posted Oct 6, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3687-1 - Two vulnerabilities were reported in NSPR, a library to abstract over operating system interfaces developed by the Mozilla project.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-1951
MD5 | 8ffc74074df1f0574141bd68df4c12cd
Debian Security Advisory 3684-1
Posted Oct 3, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3684-1 - Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.

tags | advisory, denial of service, perl
systems | linux, debian
advisories | CVE-2016-1246
MD5 | 948dde10da1adfd60275906fdbc47fab
Debian Security Advisory 3681-2
Posted Oct 3, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3681-2 - It was discovered that the patch to fix CVE-2016-6635 added a function already present in the code, preventing the website to display completely. The package has been updated to fix this regression.

tags | advisory
systems | linux, debian
MD5 | 40d30ba76ba1e1aeac53c482026a76ff
Debian Security Advisory 3680-1
Posted Sep 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3680-1 - Two vulnerabilities were reported in BIND, a DNS server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-2775, CVE-2016-2776
MD5 | f4be7eb297f007809c889e2f569b445e
Debian Security Advisory 3679-1
Posted Sep 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3679-1 - Lukas Reschke discovered that Apache Jackrabbit, an implementation of the Content Repository for Java Technology API, did not correctly check the Content-Type header on HTTP POST requests, enabling Cross-Site Request Forgery (CSRF) attacks by malicious web sites.

tags | advisory, java, web, csrf
systems | linux, debian
advisories | CVE-2016-6801
MD5 | fb13ef6d1e88409ada4d2dd0df3b686e
Debian Security Advisory 3678-1
Posted Sep 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3678-1 - Sergey Bobrov discovered that cookie parsing in Django and Google Analytics interacted such a way that an attacker could set arbitrary cookies. This allows other malicious web sites to bypass the Cross-Site Request Forgery (CSRF) protections built into Django.

tags | advisory, web, arbitrary, csrf
systems | linux, debian
advisories | CVE-2016-7401
MD5 | 25902009298833cec018f676b65f3048
Page 5 of 212
Back34567Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close