Debian Security Advisory DSA-030-1 - XFree86 3.3.6 contains local vulnerabilities - Upgrade to a patched version of 3.3.6.
4577b6838fe3788168afd91d4bfa18bfbe8248bf250e34bc0f13d7e40cd7b2bd
Debian Security Advisory 1850-1 - Several vulnerabilities have been discovered in libmodplug, the shared libraries for mod music based on ModPlug.
81fb930ff96e23d185d8dbaabb5f114ab92989bfd83a85581dbbf7cb9e4a1f7c
Debian Security Advisory 1849-1 - It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to output strings shorter than 80 bits or half of the original HMAC output, whichever is greater.
e42de45e18bc6fd49721aa9431ccae4b09d76106002c325d94332419287f6029
Debian Security Advisory 1848-1 - It was discovered that znc, an IRC proxy, did not properly process certain DCC requests, allowing attackers to upload arbitrary files.
cbd9ba2111aa130c900f04a2c4d7606e1f621fccbd7f495d44b5e1cc468f53f4
Debian Security Advisory 1834-2 - The previous update caused a regression for apache2 in Debian 4.0 "etch". Using mod_deflate together with mod_php could cause segfaults when a client aborts a connection. This update corrects this flaw. A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. This issue did not affect Debian 4.0 "etch". A denial of service flaw was found in the Apache mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. A similar flaw related to HEAD requests for compressed content was also fixed.
2bb04b990a52bd709d6c38bea3fd00f71adef9c7a03e217b9679cec6bd703f6d
Debian Security Advisory 1847-1 - It was discovered that the BIND DNS server terminates when processing a specially crafted dynamic DNS update. This vulnerability affects all BIND servers which serve at least one DNS zone authoritatively, as a master, even if dynamic updates are not enabled. The default Debian configuration for resolvers includes several authoritative zones, too, so resolvers are also affected by this issue unless these zones have been removed.
d960652c458b82724cffc42f08caf5a2da1661b518fb338a1238b9264835e4e6
Debian Security Advisory 1846-1 - Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call.
b94adbef572be3d44e0873584f7f7586c9c04d22eb8bc147d2906e2ff0190454
Debian Security Advisory 1845-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
ddce2a1f54158deb8c3002cf6fd5f7f63349871281f4dfeaa4907542189e2839
Debian Security Advisory 1844-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
3e4337776a6b1affbc02de5ed8349b5fee27fdcee9cda24ab22b8932ebc72584
Debian Security Advisory 1843-1 - It was discovered that squid3, a high-performance proxy caching server for web clients, is prone to several denial of service attacks. Due to incorrect bounds checking and insufficient validation while processing response and request data, an attacker is able to crash the squid daemon via crafted requests or responses.
2e6e9360e0ade94fed5ab47c962c88b10f565c062a4339b82c0ca8900fa65657
Debian Security Advisory 1842-1 - Several vulnerabilities have been discovered in the OpenEXR image library, which can lead to the execution of arbitrary code.
8d18f6423121c538bbd91b77365f7764e2414d77a4dd4336126808a7cbfe6741
Debian Security Advisory 1841-1 - It was discovered that git-daemon, which is part of git-core, a popular distributed revision control system, is vulnerable to denial of service attacks caused by a programming mistake in handling requests containing extra unrecognized arguments, which results in an infinite loop. While this is no problem for the daemon itself, as every request will spawn a new git-daemon instance, this still results in very high CPU consumption and might lead to denial of service conditions.
1f5b8e7954072461cfe46ca03ff4605326d8249ac2a4059a4ff2b23c889b8ad7
Debian Security Advisory 1840-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
06bec18fe61ea63a11f102981e53bbd0c64e40a1fd5f1ef0e72bd54842fa19bf
Debian Security Advisory 1813-2 - The previous update introduced a regression that stopped encrypted and signed S/MIME messages from working properly. Also, there have been other regressions caused by the introduction of an undefined symbol. This update corrects these flaws. Several vulnerabilities have been found in evolution-data-server, the database backend server for the evolution groupware suite.
9088ac45791106e1e4cf2844d16833e1df769776b607f955315470f1df30fcfd
Debian Security Advisory 1839-1 - It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the "good" set, are prone to an integer overflow when processing a large PNG file. This could lead to the execution of arbitrary code.
020ddb2f99726ee66c9b9732bf1f93b25eb40f76f4839221462e3ab20e4797a8
Debian Security Advisory 1838-1 - Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges.
45a80afc1cf274d6f81ee8a06edb00e8789a356accc2864d719d6ad7602ddbe6
Debian Security Advisory 1837-1 - It was discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. This issue was caused by an incorrect fix for DSA-1658-1.
3a59f784c1f6132a397a122319908cb083f488ca4ee4aa00214ed8c13fedd9fe
Debian Security Advisory 1836-1 - Vinny Guido discovered that multiple input sanitising vulnerabilities in Fckeditor, a rich text web editor component, may lead to the execution of arbitrary code.
8aca73d4db5e9a83ca752db9f342ac157518676f56efb95cb2c291cfe066ef03
Debian Security Advisory 1835-1 - Several vulnerabilities have been discovered in the library for the Tag Image File Format (TIFF).
5169c0b4d9807452ec091dc33435bd5b563acc2795c454a89ecd296a597c2ac2
Debian Security Advisory 1834 - A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. This issue did not affect Debian 4.0 "etch".
394bd714165a039d9f2115b6f7eefc7d36507ac113647e9ee3d8eace6c4beaf8
Debian Security Advisory 1833-1 - Several remote vulnerabilities have been discovered in ISC's DHCP implementation.
a5bf6269df32f7ce41c04a238c745c002b29ad7962e67156d2b36075df03f363
Debian Security Advisory 1829-2 - The previous update introduced a regression in main.php, causing the module to fail. This update corrects the flaw. It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter.
4db741a124f0f2c14c6e01fbde4e36e7b46397be8c4fb7233436428847579f18
Debian Security Advisory 1832-1 - Tielei Wang discovered that CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution.
b156bcfd1cb7f5cfb9cf3849e5419b7247d82fc194a43ba40aef48a67ffbc657
Debian Security Advisory 1831-1 - Matthew Dempsky discovered that Daniel J. Bernstein's djbdns, a Domain Name System server, does not constrain offsets in the required manner, which allows remote attackers with control over a third-party subdomain served by tinydns and axfrdns to trigger DNS responses containing arbitrary records via crafted zone data for this subdomain.
bdf20eb671bf119bec03d7ac696ea37d0e3c0e1d2f09fc2b89b59231243b0fdd
Debian Security Advisory 1830-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client.
d38d0925be530057b4a2dd77a93a8ac127bd9272755d6b3ea0b274a052baaa14
Debian Security Advisory 1829-1 - It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter.
bc0919c0157f38f5e01672cbea0375ee961c241d29bae8a3bc4a78c103977320