Section: .. / 0603-advisories /
| /// File Name: |
dsa-1010-1.txt |
Description:
|
Debian Security Advisory DSA 1010-1 - Ulf Härnhammar from the Debian Security Audit Project discovered that ilohamail, a lightweight multilingual web-based IMAP/POP3 client, does not always sanitize input provided by users, which allows remote attackers to inject arbitrary web script or HTML.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 3084 | | Last Modified: | Mar 21 22:41:22 2006 |
| MD5 Checksum: | fc002b8e471072fbc66b5926b4c77c43 |
|
| /// File Name: |
dsa-1011-1.txt |
Description:
|
Debian Security Advisory DSA 1011-1 - Several vulnerabilities have been discovered in the Debian vserver support for Linux.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5996 | | Last Modified: | Mar 21 22:41:51 2006 |
| MD5 Checksum: | ffba6cdf282073b6ce83c4fac649e978 |
|
| /// File Name: |
dsa-1012-1.txt |
Description:
|
Debian Security Advisory DSA 1012-1 - A buffer overflow in the command line argument parsing has been discovered in unzip, the de-archiver for ZIP files, that could lead to the execution of arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 7475 | | Last Modified: | Mar 21 22:42:19 2006 |
| MD5 Checksum: | 77e4f82d23b11e01bcbf557d7b44c952 |
|
| /// File Name: |
dsa-1013-1.txt |
Description:
|
Debian Security Advisory DSA 1013-1 - Will Aoki discovered that snmptrapfmt, a configurable snmp trap handler daemon for snmpd, does not prevent overwriting existing files when writing to a temporary log file.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 7596 | | Last Modified: | Mar 23 21:45:53 2006 |
| MD5 Checksum: | fd25fc65d9ca0d6667b2034cb8dee2af |
|
| /// File Name: |
dsa-1014-1.txt |
Description:
|
Unavailable.
| | File Size: | 4319 | | Last Modified: | Mar 31 10:01:20 2006 |
| MD5 Checksum: | 6b1e5060786bbc908fbc8c7be2cda8d9 |
|
| /// File Name: |
dsa-1021-1.txt |
Description:
|
Debian Security Advisory DSA 1021-1 - Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 19272 | | Related CVE(s): | CVE-2005-2471 | | Last Modified: | Apr 1 08:35:53 2006 |
| MD5 Checksum: | 1c459b8d6e7ffc433c0876f5220f365e |
|
| /// File Name: |
dsa-919-2.txt |
Description:
|
Debian Security Advisory DSA 919-2 - The upstream developer of curl, a multi-protocol file transfer library, informed us that the former correction to several off-by-one errors is not sufficient.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 18874 | | Related CVE(s): | CVE-2005-4077 | | Last Modified: | Mar 11 03:33:46 2006 |
| MD5 Checksum: | 8fcbffc66948f4672e97ed57bee2c327 |
|
| /// File Name: |
dsa-960-3.txt |
Description:
|
Debian Security Advisory DSA 960-3 - The former update caused temporary files to be created in the current working directory due to a wrong function argument. This update will create temporary files in the user's home directory if HOME is set, or otherwise in the common temporary directory, usually /tmp.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4673 | | Last Modified: | Mar 21 22:40:15 2006 |
| MD5 Checksum: | edcef8e95cf03d80db074871ea0727ae |
|
| /// File Name: |
dsa-981-1.txt |
Description:
|
Debian Security Advisory DSA 981-1 - felinemalice discovered an integer overflow in BMV, a post script viewer for SVGAlib, that may lead to the execution of arbitrary code through specially crafted Postscript files.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 3578 | | Related CVE(s): | CVE-2005-3278 | | Last Modified: | Mar 3 09:22:17 2006 |
| MD5 Checksum: | 5850aae2a7639d588eb4775ea14fcb1c |
|
| /// File Name: |
dsa-982-1.txt |
Description:
|
Debian Security Advisory DSA 982-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in gpdf, the Portable Document Format (PDF) viewer with Gtk bindings.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4805 | | Last Modified: | Mar 2 10:51:51 2006 |
| MD5 Checksum: | 791b5eb13705c91127018d7f5f9c7e43 |
|
| /// File Name: |
dsa-983-1.txt |
Description:
|
Debian Security Advisory DSA 983-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in pdftohtml, a utility that translates PDF documents into HTML format.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4952 | | Last Modified: | Mar 2 11:15:16 2006 |
| MD5 Checksum: | aa2267b155688dcba1bc4a775d72554b |
|
| /// File Name: |
dsa-984-1.txt |
Description:
|
Debian Security Advisory DSA 984-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 6944 | | Last Modified: | Mar 3 10:10:06 2006 |
| MD5 Checksum: | 0d5ee648aa6febe452629991b0779803 |
|
| /// File Name: |
dsa-986-1.txt |
Description:
|
Debian Security Advisory DSA 986-1 - Evgeny Legerov discovered several out-of-bounds memory accesses in the DER decoding component of the Tiny ASN.1 Library, which is also present and used in GnuTLS, the GNU implementation of the Transport Layer Security (TLS) 1.0 and Secure Sockets Layer (SSL) 3.0 protocols. These allow attackers to crash the DER decoder and possibly execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 11040 | | Last Modified: | Mar 8 05:56:39 2006 |
| MD5 Checksum: | 19cd2451b003e83be790bba9c593fbbd |
|
| /// File Name: |
dsa-987-1.txt |
Description:
|
Debian Security Advisory DSA 987-1 - Jim Meyering discovered several buffer overflows in GNU tar, which may lead to the execution of arbitrary code through specially crafted tar archives.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4731 | | Last Modified: | Mar 8 05:53:49 2006 |
| MD5 Checksum: | 166a3dc9fac6847c6f8aa4a94ad7ad3c |
|
| /// File Name: |
dsa-988-1.txt |
Description:
|
Debian Security Advisory DSA 988-1 - Several vulnerabilities have been discovered in Squirrelmail, a commonly used webmail system.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4926 | | Last Modified: | Mar 9 04:23:35 2006 |
| MD5 Checksum: | 27a9726c895f8043bb92f7cf8aabc414 |
|
| /// File Name: |
dsa-989-1.txt |
Description:
|
Debian Security Advisory DSA 989-1 - Neil McBride discovered that Zoph, a web-based photo management system, performs insufficient sanitizing of input passed to photo searches, which may lead to the execution of SQL commands through a SQL injection attack.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 2923 | | Last Modified: | Mar 10 01:22:58 2006 |
| MD5 Checksum: | 9330c95c989fef3f32a6290e9d5a808a |
|
| /// File Name: |
dsa-990-1.txt |
Description:
|
Debian Security Advisory DSA 990-1 - A denial of service condition has been discovered in bluez-hcidump, a utility that analyses Bluetooth HCI packets, which can be triggered remotely.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5108 | | Related CVE(s): | CVE-2006-0670 | | Last Modified: | Mar 11 03:31:51 2006 |
| MD5 Checksum: | 85574ec19efc9de70695b534faf8000e |
|
| /// File Name: |
dsa-991-1.txt |
Description:
|
Debian Security Advisory DSA 991-1 - Jean-Sebastien Guay-Leroux discovered a buffer overflow in zoo, a utility to manipulate zoo archives, that could lead to the execution of arbitrary code when unpacking a specially crafted zoo archive.
| | Author: | Steve Kemp | | Homepage: | http://www.debian.org/security/ | | File Size: | 7416 | | Related CVE(s): | CVE-2006-0855 | | Last Modified: | Mar 11 03:35:20 2006 |
| MD5 Checksum: | 3b882e1e51638d039dacff23697abfb9 |
|
| /// File Name: |
dsa-992-1.txt |
Description:
|
Debian Security Advisory DSA 992-1 - Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code.
| | Author: | Moritz Muehlenhoff | | Homepage: | http://www.debian.org/security/ | | File Size: | 11279 | | Related CVE(s): | CVE-2005-4048 | | Last Modified: | Mar 11 03:36:30 2006 |
| MD5 Checksum: | 5f71de37d41e5915247dc5bad090b055 |
|
| /// File Name: |
dsa-993-1.txt |
Description:
|
Debian Security Advisory DSA 993-1 - Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, can be tricked into emitting a "good signature" status message when a valid signature is included which does not belong to the data packet.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 4923 | | Related CVE(s): | CVE-2006-0049 | | Last Modified: | Mar 11 03:39:06 2006 |
| MD5 Checksum: | 24051bd27100b982044661307b707ca0 |
|
| /// File Name: |
dsa-993-2.txt |
Description:
|
Debian Security Advisory DSA 993-2 - Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, can be tricked into emitting a "good signature" status message when a valid signature is included which does not belong to the data packet. This update basically adds fixed packages for woody, whose version turned out to be vulnerable as well.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 7605 | | Last Modified: | Mar 13 22:10:47 2006 |
| MD5 Checksum: | 309b31f349f13cea601e5b8e0fb0e24b |
|
| /// File Name: |
dsa-994-1.txt |
Description:
|
Debian Security Advisory DSA 994-1 - Luigi Auriemma discovered a denial of service condition in the free Civilization server that allows a remote user to trigger a server crash.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 9785 | | Last Modified: | Mar 13 22:08:40 2006 |
| MD5 Checksum: | 1253c1c826de7318ee7d11630beaadd5 |
|
| /// File Name: |
dsa-995-1.txt |
Description:
|
Debian Security Advisory DSA 995-1 - Ulf Harnhammar discovered a buffer overflow in metamail, an implementation of MIME (Multi-purpose Internet Mail Extensions), that could lead to a denial of service or potentially the execution of arbitrary code when processing messages.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 7700 | | Last Modified: | Mar 13 22:09:12 2006 |
| MD5 Checksum: | bd572f1d3ac620ede3a01b4748349cb3 |
|
| /// File Name: |
dsa-996-1.txt |
Description:
|
Debian Security Advisory DSA 996-1 - Lincoln Stein discovered that the Perl Crypt::CBC module produces weak ciphertext when used with block encryption algorithms with a blocksize less than 8 bytes.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 2977 | | Last Modified: | Mar 13 22:10:15 2006 |
| MD5 Checksum: | a0b56dab26d7886d4f72c363d7c9b63e |
|
| /// File Name: |
dsa-997-1.txt |
Description:
|
Debian Security Advisory DSA 997-1 - Stefan Cornelius of Gentoo Security discovered that bomberclone, a free Bomberman-like game, crashes when receiving overly long error packets, which may also allow remote attackers to execute arbitrary code.
| | Author: | Martin Schulze | | Homepage: | http://www.debian.org/security/ | | File Size: | 5557 | | Last Modified: | Mar 13 22:11:24 2006 |
| MD5 Checksum: | 92ea9c1449ffc159a75282eb3f095105 |
|