Section: .. / advisories / debian /
| /// File Name: |
debian.jazip.txt |
Description:
|
Debian Security Advisory DSA-017-1 - With older versions of jazip a user could gain root access for members of the floppy group to the local machine. The interface doesn't run as root anymore and this very exploit was prevented. The program now also truncates DISPLAY to 256 characters if it is bigger, which closes the buffer overflow (within xforms).
| | Homepage: | http://www.debian.org/security | | File Size: | 3640 | | Last Modified: | Feb 3 00:02:14 2001 |
| MD5 Checksum: | d7a4881c2dace6abb598e9961af3bd25 |
|
| /// File Name: |
debian.man2html.txt |
Description:
|
Debian Security Advisory DSA-035-1 - Man2html contains a remote denial of service attack which can use up all available memory. Upgrade to the newest version.
| | Homepage: | http://www.debian.org/security | | File Size: | 3588 | | Last Modified: | Mar 10 02:34:27 2001 |
| MD5 Checksum: | cf8443cc67a9862590186702a6667ff7 |
|
| /// File Name: |
debian.joe.txt |
Description:
|
Debian Security Advisory - When joe (Joe's Own Editor) dies due to a signal instead of a normal exit it saves a list of the files it is editing to a file called DEADJOE in its current directory. Unfortunately this wasn't done safely which made joe vulnerable to a symlink attack.
| | Homepage: | http://www.debian.org/security | | File Size: | 3549 | | Last Modified: | Dec 3 02:11:33 2000 |
| MD5 Checksum: | 15a158d7be5635dabfadf63b0b29330d |
|
| /// File Name: |
debian.micq.txt |
Description:
|
Debian Security Advisory DSA-012-1 - A remotely exploitable buffer overflow has been found in micq v0.4.6.
| | Homepage: | http://www.debian.org/security | | File Size: | 3538 | | Last Modified: | Jan 25 22:45:44 2001 |
| MD5 Checksum: | 949cd8eb9ed79a73002f78af0b33262f |
|
| /// File Name: |
debian.zope2.txt |
Description:
|
Debian Security Advisory DSA-055-1 - A new Zope hotfix has been released which fixes a problem in ZClasses. The problem is "any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance." This hotfix has been added in version 2.1.6-10.
| | Homepage: | http://www.debian.org/security | | File Size: | 3534 | | Last Modified: | May 9 00:51:30 2001 |
| MD5 Checksum: | e57f433fb0a00cdfcccd3e9d10af18ea |
|
| /// File Name: |
debian.ghostscript.txt |
Description:
|
Debian Security Advisory - ghostscript uses temporary files to do some of its work. Unfortunately the method used to create those files wasn't secure: mktemp was used to create a name for a temporary file, but the file was not opened safely. A second problem is that during build the LD_RUN_PATH environment variable was set to the empty string, which causes the dynamic linker to look in the current directory for shared libraries.
| | Homepage: | http://www.debian.org/security | | File Size: | 3531 | | Last Modified: | Nov 29 10:32:49 2000 |
| MD5 Checksum: | 1af88d155bd6d5fb83c959c03555f6e0 |
|
| /// File Name: |
debian.tinyproxy.txt |
Description:
|
Debian Security Advisory DSA-018-1 - A heap overflow has been found in tinyproxy which allows remote attackers to execute commands as user nobody.
| | Homepage: | http://www.debian.org/security | | File Size: | 3521 | | Last Modified: | Jan 24 22:52:15 2001 |
| MD5 Checksum: | fcda788f74c9e44e1b7d8d32d20ae840 |
|
| /// File Name: |
debian.ethereal.txt |
Description:
|
Debian Security Advisory - Hacksware reported a buffer overflow in the AFS packet parsing code in ethereal. Gerald Combs then found more overflows in the netbios and ntp decoding logic as well. An attacker can exploit those overflows by sending carefully crafted packets to a network that is being monitored by ethereal. This has been fixed in version 0.8.0-2potato and we recommend you upgrade your ethereal package immediately.
| | Homepage: | http://www.debian.org/security | | File Size: | 3512 | | Last Modified: | Dec 3 17:24:05 2000 |
| MD5 Checksum: | 54a569e03300753259ad5579a438c6d8 |
|
| /// File Name: |
debian.horde.imp.txt |
Description:
|
Debian Security Advisory - Imp, a webmail interface, did not check the $from variable which contains the sender address for shell metacharacters. This could be used to run arbitrary commands on the server running imp. To fix this horde (the library imp uses) and imp itself has been modified to sanitize user input.
| | Homepage: | http://www.debian.org/security | | File Size: | 3469 | | Last Modified: | Sep 12 01:20:23 2000 |
| MD5 Checksum: | d0a1f5f2466f46c56e8a158b9e03c9cc |
|
| /// File Name: |
debian.gftp.txt |
Description:
|
Debian Security Advisory DSA-055-1 - The gftp package has a problem in its logging code which allows malicious ftp servers to execute commands on the client machine. This has been fixed in version 2.0.6a-3.1.
| | Homepage: | http://www.debian.org/security | | File Size: | 3463 | | Last Modified: | May 9 01:05:40 2001 |
| MD5 Checksum: | ef6596b65ce3851a35fba5753e535351 |
|
| /// File Name: |
debian.exuberant-ctags.txt |
Description:
|
Debian Security Advisory DSA-046-1 - The exuberant-ctags packages as distributed with Debian GNU/Linux 2.2 creates temporary files insecurely. This has been fixed in version 1:3.2.4-0.1 of the Debian package, and upstream version 3.5.
| | Homepage: | http://www.debian.org/security | | File Size: | 3428 | | Last Modified: | Apr 15 20:11:04 2001 |
| MD5 Checksum: | 88b7c9443117c24cf4fbbacc15f24090 |
|
| /// File Name: |
debian.cron3.txt |
Description:
|
Debian Security Advisory DSA-054-1 - A recent (fall 2000) security fix to cron introduced an error in giving up privileges before invoking the editor. A malicious user can easily gain root access. This has been fixed in version 3.0pl1-57.3.
| | Homepage: | http://www.debian.org/security | | File Size: | 3422 | | Last Modified: | May 9 00:26:56 2001 |
| MD5 Checksum: | ed96a529b8d78aecb08b62cb946238c3 |
|
| /// File Name: |
debian.dialog.txt |
Description:
|
Debian Security Advisory - Dialog creates lock files insecurely, making it susceptible to a symlink attack.
| | Homepage: | http://www.debian.org/security | | File Size: | 3406 | | Last Modified: | Dec 25 18:33:59 2000 |
| MD5 Checksum: | 90cae4bddc6fa6de0e87a248e6e138e2 |
|
| /// File Name: |
debian.tcpdump.txt |
Description:
|
Debian Security Advisory - During internal source code auditing by FreeBSD several buffer overflows were found which allow an attacker to make tcpdump crash by sending carefully crafted packets to a network that is being monitored with tcpdump. This has been fixed in version 3.4a6-4.2.
| | Homepage: | http://www.debian.org/security | | File Size: | 3382 | | Last Modified: | Nov 26 03:43:05 2000 |
| MD5 Checksum: | d59476cbf07be68c6268c46feb9a82da |
|
| /// File Name: |
debian.make.txt |
Description:
|
The make package as shipped in Debian GNU/Linux 2.1 is vulnerable to a race condition that can be exploited with a symlink attack. Debian security homepage here.
| | File Size: | 3359 | | Last Modified: | Feb 23 01:50:17 2000 |
| MD5 Checksum: | c0054e5ddaac62a739386a709e3d106c |
|
| /// File Name: |
debian.lpr.txt |
Description:
|
The version of lpr that was distributed with Debian GNU/Linux 2.1 and the updated version released in 2.1r4 have a two security problems - Local users can obtain root access and remote users can access the print server. Debian security homepage here.
| | File Size: | 3321 | | Last Modified: | Jan 10 20:16:33 2000 |
| MD5 Checksum: | 4598f33acb97daed298ecb9e2d609df5 |
|
| /// File Name: |
debian.glibc.txt |
Description:
|
Debian Security Advisory - Recently two local vulnerabilities have been found in the glibc suite, which could be used to trick setuid applications to run arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 3317 | | Last Modified: | Sep 6 06:37:34 2000 |
| MD5 Checksum: | 937c29c6008182445465a9e00b781bf2 |
|
| /// File Name: |
debian.nvi.txt |
Description:
|
The version of nvi that was distributed with Debian GNU/Linux 2.1 has an error in the default /etc/init.d/nviboot script: it did not handle filenames with embedded spaces correctly. This made it possible to remove files in the root directory by creating entries in /var/tmp/vi.recover. Debian security homepage here.
| | File Size: | 3312 | | Last Modified: | Jan 10 20:26:41 2000 |
| MD5 Checksum: | 0b662942567330520d0aa2f42d879dc5 |
|
| /// File Name: |
debian.ed.txt |
Description:
|
Debian Security Advisory - GNU ed (the classic line editor tool) does not use temp files safely. This has been fixed in version 0.2-18.1.
| | Homepage: | http://www.debian.org/security | | File Size: | 3191 | | Last Modified: | Dec 2 23:18:28 2000 |
| MD5 Checksum: | 17b0f0335fe26dbbfcec4f6549e7fedf |
|
| /// File Name: |
debian.apcd.txt |
Description:
|
The apcd package as shipped in Debian GNU/Linux 2.1 is vulnerable to a symlink attack. Debian security homepage here.
| | File Size: | 3159 | | Last Modified: | Feb 2 01:36:53 2000 |
| MD5 Checksum: | f411713febd127d6d8f056281ee883c3 |
|
| /// File Name: |
debian.nmh.txt |
Description:
|
Debian Security Advuisory - Remote exploit in nmh. The version of nmh that was distributed in Debian GNU/Linux 2.1 (aka slink) did not check incoming mail messages properly. This could be exploited by using carefully designed MIME headers to trick mhshow into executing arbitrary shell code. Debian security homepage here.
| | File Size: | 3144 | | Last Modified: | Feb 28 21:23:31 2000 |
| MD5 Checksum: | 0fee415db8b978d86bccedd0d047caf1 |
|
| /// File Name: |
debian.htdig.txt |
Description:
|
The version of htdig that was shipped in Debian GNU/Linux 2.1 has a problem with calling external programs to handle non-HTML documents: it calls the external program with the document as a parameter, but does not check for shell escapes. This can be exploited by creating files with filenames that include shell escapes to run arbitraty commands on the machine that runs htdig. Debian security homepage here.
| | File Size: | 3126 | | Last Modified: | Dec 9 22:54:53 1999 |
| MD5 Checksum: | a8fd02d13b305694bfbadced3f58307d |
|
| /// File Name: |
debian.zope.abridged |
Description:
|
Debian Security Advisory - On versions of Zope prior to 2.2.1 it was possible for a user with the ability to edit DTML can gain unauthorized access to extra roles during a request. Previous announcement and fix did not fully address the issues.
| | Homepage: | http://www.debian.org/security | | File Size: | 3118 | | Last Modified: | Aug 21 23:27:42 2000 |
| MD5 Checksum: | 96e78e4c3ed81b86d288b06e4a2f5c7f |
|
| /// File Name: |
debian.mtr.txt |
Description:
|
Debian Security Advisory - The version of mtr as distributed in Debian GNU/Linux 2l1 did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit this. Debian security homepage here.
| | File Size: | 3052 | | Last Modified: | Mar 9 20:25:34 2000 |
| MD5 Checksum: | 6d6789b193a9e0d9198b500b201e21db |
|
| /// File Name: |
debian.exmh.txt |
Description:
|
Debian Security Advisory DSA-022-1 - Exmh v2.2 and below used /tmp for storing temporary files. No checks were made to ensure that nobody placed a symlink with the same name in /tmp in the meantime and thus was vulnerable to a symlink attack.
| | Homepage: | http://www.debian.org/security | | File Size: | 3045 | | Last Modified: | Jan 26 20:37:01 2001 |
| MD5 Checksum: | 4cacd41df25253eabfe39dcd21dd05eb |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
