default

DSA-1667 python2.4 - several vulnerabilities

2008-11-19T00:00:00+00:00

Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1666 libxml2 - several vulnerabilities

2008-11-17T00:00:00+00:00

Several vulnerabilities have been discovered in the GNOME XML library. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1665 libcdaudio - heap overflow

2008-11-12T00:00:00+00:00

It was discovered that a heap overflow in the CDDB retrieval code of libcdaudio, a library for controlling a CD-ROM when playing audio CDs, may result in the execution of arbitrary code.

DSA-1664 ekg - missing input sanitising

2008-11-10T00:00:00+00:00

It was discovered that ekg, a console Gadu Gadu client performs insufficient input sanitising in the code to parse contact descriptions, which may result in denial of service.

DSA-1663 net-snmp - several vulnerabilities

2008-11-09T00:00:00+00:00

Several vulnerabilities have been discovered in NET SNMP, a suite of Simple Network Management Protocol applications. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1662 mysql-dfsg-5.0 - authorization bypass

2008-11-06T00:00:00+00:00

A symlink traversal vulnerability was discovered in MySQL, a relational database server. The weakness could permit an attacker having both CREATE TABLE access to a database and the ability to execute shell commands on the database server to bypass MySQL access controls, enabling them to write to tables in databases to which they would not ordinarily have access.

Fix installed man page permissions (#469936)

2008-11-05T14:08:11+00:00

Fix installed man page permissions (#469936)

Fix installed man page permissions (#469936)

[D H] Makefile

DSA-1661 openoffice.org - several vulnerabilities

2008-10-29T00:00:00+00:00

Several vulnerabilities have been discovered in the OpenOffice.org office suite:

DSA-1660 clamav - null pointer dereference, resource exhaustation

2008-10-26T00:00:00+00:00

Several denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit:

DSA-1659 libspf2 - buffer overflow

2008-10-23T00:00:00+00:00

Dan Kaminsky discovered that libspf2, an implementation of the Sender Policy Framework (SPF) used by mail servers for mail filtering, handles malformed TXT records incorrectly, leading to a buffer overflow condition (CVE-2008-2469).

DSA-1658 dbus - programming error

2008-10-22T00:00:00+00:00

Colin Walters discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack.

DSA-1657 qemu - insecure temporary files

2008-10-20T00:00:00+00:00

Dmitry E. Oboukhov discovered that the qemu-make-debian-root script in qemu, fast processor emulator, creates temporary files insecurely, which may lead to a local denial of service through symlink attacks.

DSA-1656 cupsys - several vulnerabilities

2008-10-20T00:00:00+00:00

Several local vulnerabilities have been discovered in the Common UNIX Printing System. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1655 linux-2.6.24 - denial of service/information leak/privilege escalation

2008-10-16T00:00:00+00:00

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a leak of sensitive data. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1654 libxml2 - buffer overflow

2008-10-14T00:00:00+00:00

It was discovered that libxml2, the GNOME XML library, didn't correctly handle long entity names. This could allow the execution of arbitrary code via a malicious XML file.

DSA-1653 linux-2.6 - denial of service/privilege escalation

2008-10-13T00:00:00+00:00

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1652 ruby1.9 - several vulnerabilities

2008-10-12T00:00:00+00:00

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1651 ruby1.8 - several vulnerabilities

2008-10-12T00:00:00+00:00

DSA-1650 openldap2.3 - denial of service

2008-10-12T00:00:00+00:00

Cameron Hotchkies discovered that the OpenLDAP server slapd, a free implementation of the Lightweight Directory Access Protocol, could be crashed by sending malformed ASN1 requests.

DSA-1649 iceweasel - several vulnerabilities

2008-10-08T00:00:00+00:00

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1648 mon - insecure temporary files

2008-10-08T00:00:00+00:00

Dmitry E. Oboukhov discovered that the test.alert script used in one of the alert functions in mon, a system to monitor hosts or services and alert about problems, creates temporary files insecurely, which may lead to a local denial of service through symlink attacks.

DSA-1647 php5 - several vulnerabilities

2008-10-07T00:00:00+00:00

Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1646 squid - array bounds check

2008-10-07T00:00:00+00:00

A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid.

DSA-1645 lighttpd - various

2008-10-06T00:00:00+00:00

Several local/remote vulnerabilities have been discovered in lighttpd, a fast webserver with minimal memory footprint.

DSA-1643 feta - insecure temp file handling

2008-10-05T00:00:00+00:00

Dmitry E. Oboukhov discovered that the "to-upgrade" plugin of Feta, a simpler interface to APT, dpkg, and other Debian package tools creates temporary files insecurely, which may lead to local denial of service through symlink attacks.

DSA-1644 mplayer - integer overflow

2008-10-05T00:00:00+00:00

Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially execution of arbitrary code by supplying a maliciously crafted video file.

DSA-1642 horde3 - cross site scripting

2008-09-20T00:00:00+00:00

Will Drewry discovered that Horde allows remote attackers to send an email with a crafted MIME attachment filename attribute to perform cross site scripting.

DSA-1641 phpmyadmin - several vulnerabilities

2008-09-20T00:00:00+00:00

Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administrate MySQL databases over the web. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1640 python-django - several vulnerabilities

2008-09-20T00:00:00+00:00

Simon Willison discovered that in Django, a Python web framework, the feature to retain HTTP POST data during user reauthentication allowed a remote attacker to perform unauthorized modification of data through cross site request forgery. This is possible regardless of the Django plugin to prevent cross site request forgery being enabled. The Common Vulnerabilities and Exposures project identifies this issue as CVE-2008-3909.

DSA-1639 twiki - command execution

2008-09-19T00:00:00+00:00

It was discovered that twiki, a web based collaboration platform, didn't properly sanitize the image parameter in its configuration script. This could allow remote users to execute arbitrary commands upon the system, or read any files which were readable by the webserver user.

DSA-1638 openssh - denial of service

2008-09-16T00:00:00+00:00

It has been discovered that the signal handler implementing the login timeout in Debian's version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability (CVE-2008-4109).

DSA-1637 git-core - buffer overflow

2008-09-15T00:00:00+00:00

Multiple vulnerabilities have been identified in git-core, the core of the git distributed revision control system. Improper path length limitations in git's diff and grep functions, in combination with maliciously crafted repositories or changes, could enable a stack buffer overflow and potentially the execution of arbitrary code.

DSA-1636 linux-2.6.24 - denial of service/information leak

2008-09-11T00:00:00+00:00

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or leak sensitive data. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1635 freetype - multiple vulnerabilities

2008-09-10T00:00:00+00:00

Several local vulnerabilities have been discovered in freetype, a FreeType 2 font engine, which could allow the execution of arbitrary code.

DSA-1634 wordnet - stack and heap overflows

2008-09-01T00:00:00+00:00

Rob Holland discovered several programming errors in WordNet, an electronic lexical database of the English language. These flaws could allow arbitrary code execution when used with untrusted input, for example when WordNet is in use as a back end for a web application.

DSA-1633 slash - SQL Injection, Cross-Site Scripting

2008-09-01T00:00:00+00:00

It has been discovered that Slash, the Slashdot Like Automated Storytelling Homepage suffers from two vulnerabilities related to insufficient input sanitation, leading to execution of SQL commands (CVE-2008-2231) and cross-site scripting (CVE-2008-2553).

DSA-1632 tiff - buffer underflow

2008-08-26T00:00:00+00:00

Drew Yao discovered that libTIFF, a library for handling the Tagged Image File Format, is vulnerable to a programming error allowing malformed tiff files to lead to a crash or execution of arbitrary code.

DSA-1631 libxml2 - denial of service

2008-08-22T00:00:00+00:00

Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU and memory resources were exhausted.

DSA-1630 linux-2.6 - denial of service/information leak

2008-08-21T00:00:00+00:00

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1629 postfix - programming error

2008-08-19T00:00:00+00:00

Sebastian Krahmer discovered that Postfix, a mail transfer agent, incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root.

DSA-1628 pdns - DNS response spoofing

2008-08-10T00:00:00+00:00

Brian Dowling discovered that the PowerDNS authoritative name server does not respond to DNS queries which contain certain characters, increasing the risk of successful DNS spoofing (CVE-2008-3337). This update changes PowerDNS to respond with SERVFAIL responses instead.

DSA-1627 opensc - programming error

2008-08-04T00:00:00+00:00

Chaskiel M Grundman discovered that opensc, a library and utilities to handle smart cards, would initialise smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN.

DSA-1626 httrack - buffer overflow

2008-08-01T00:00:00+00:00

Joan Calvet discovered that httrack, a utility to create local copies of websites, is vulnerable to a buffer overflow potentially allowing to execute arbitrary code when passed excessively long URLs.

DSA-1625 cupsys - buffer overflows

2008-08-01T00:00:00+00:00

Several remote vulnerabilities have been discovered in the Common Unix Printing System (CUPS). The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1624 libxslt - buffer overflows

2008-07-31T00:00:00+00:00

Chris Evans discovered that a buffer overflow in the RC4 functions of libexslt may lead to the execution of arbitrary code.

DSA-1623 dnsmasq - DNS cache poisoning

2008-07-31T00:00:00+00:00

Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.

DSA-1622 newsx - buffer overflow

2008-07-31T00:00:00+00:00

It was discovered that newsx, an NNTP news exchange utility, was affected by a buffer overflow allowing remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period.

DSA-1621 icedove - several vulnerabilities

2008-07-27T00:00:00+00:00

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1620 python2.5 - several vulnerabilities

2008-07-27T00:00:00+00:00

Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1619 python-dns - DNS response spoofing

2008-07-27T00:00:00+00:00

Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.

DSA-1618 ruby1.9 - several vulnerabilities

2008-07-26T00:00:00+00:00

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1616 clamav - denial of service

2008-07-26T00:00:00+00:00

Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.

DSA-1617 refpolicy - incompatible policy

2008-07-25T00:00:00+00:00

In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy.

DSA-1615 xulrunner - several vulnerabilities

2008-07-23T00:00:00+00:00

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-1614 iceweasel - several vulnerabilities

2008-07-23T00:00:00+00:00

DSA-1613 libgd2 - multiple vulnerabilities

2008-07-22T00:00:00+00:00

Multiple vulnerabilities have been identified in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following three issues:

DSA-1612 ruby1.8 - several vulnerabilities

2008-07-21T00:00:00+00:00

DSA-1544 pdns-recursor - design flaw

2008-07-16T00:00:00+00:00

Amit Klein discovered that pdns-recursor, a caching DNS resolver, uses a weak random number generator to create DNS transaction IDs and UDP source port numbers. As a result, cache poisoning attacks were simplified. (CVE-2008-1637 and CVE-2008-3217)

DSA-1611 afuse - privilege escalation

2008-07-16T00:00:00+00:00

Anders Kaseorg discovered that afuse, an automounting file system in user-space, did not properly escape meta characters in paths. This allowed a local attacker with read access to the filesystem to execute commands as the owner of the filesystem.

DSA-1610 gaim - integer overflow

2008-07-15T00:00:00+00:00

It was discovered that gaim, an multi-protocol instant messaging client, was vulnerable to several integer overflows in its MSN protocol handlers. These could allow a remote attacker to execute arbitrary code.