Articles / Debian

All articles tagged with Debian

July 02, 2009 10:19 Debian: New gforge packages fix insufficient input saniti...

0

Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to conduct cross-site scripting attacks. Updated packages are available from security.debian.org.

July 02, 2009 10:18 Debian: New ctorrent packages fix arbitrary code execution

0

Michael Brooks discovered that ctorrent, a text-mode bittorrent client, does not verify the length of file paths in torrent files. An attacker can exploit this via a crafted torrent that contains a long file path to execute arbitrary code with the rights of the user opening the file. Updated packages are available from security.debian.org.

July 02, 2009 10:05 Debian: New apache2 packages fix privilege escalation

0

It was discovered that the Apache web server did not properly handle the “Options=” parameter to the AllowOverride directive, leading to a privilege escalation. Updated packages are available from security.debian.org.

July 02, 2009 09:32 Debian: New libtorrent-rasterbar packages fix denial of s...

0

It was discovered that the Rasterbar Bittorrent library performed insufficient validation of path names specified in torrent files, which could lead to denial of service by overwriting files. Updated packages are available from security.debian.org.

July 02, 2009 09:31 Debian: New libsndfile packages fix arbitrary code execution

0

Two vulnerabilities have been found in libsndfile, a library to read and write sampled audio data. Tobias Klein discovered that the VOC parsing routines suffer of a heap-based buffer overflow which can be triggered by an attacker via a crafted VOC header. The vendor discovered that the AIFF parsing routines suffer of a heap-based buffer overflow which can be triggered by an attacker via a crafted AIFF header. Updated packages are available from security.debian.org.

June 29, 2009 09:59 Debian: New evolution-data-server packages fix several vu...

0

Several vulnerabilities have been found in evolution-data-server, the database backend server for the evolution groupware suite. It was discovered that evolution-data-server is prone to integer overflows triggered by large base64 strings. Joachim Breitner discovered that S/MIME signatures are not verified properly, which can lead to spoofing attacks. It was discovered that NTLM authentication challenge packets are not validated properly when using the NTLM authentication method, which could lead to an information disclosure or a denial of service. Updated packages are available from security.debian.org.

June 07, 2009 11:30 Debian: New cups/cupsys packages fix denial of service

0

Anibal Sacco discovered that cups, a general printing system for UNIX systems, suffers from null pointer dereference because of its handling of two consecutive IPP packets with certain tag attributes that are treated as IPP_TAG_UNSUPPORTED tags. This allows unauthenticated attackers to perform denial of service attacks by crashing the cups daemon. Updated packages are available from security.debian.org.

June 07, 2009 11:29 Debian: New libapache-mod-jk packages fix information dis...

0

An information disclosure flaw was found in mod_jk, the Tomcat Connector module for Apache. If a buggy client included the “Content-Length” header without providing request body data, or if a client sent repeated equests very quickly, one client could obtain a response intended for another client. Updated packages are available from security.debian.org.

June 07, 2009 11:27 Debian: New Linux 2.6.26 packages fix several vulnerabili...

0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation. Frank Filz discovered that local users may be able to execute files without execute permission when accessed via an nfs4 mount. Jeff Layton and Suresh Jayaraman fixed several buffer overflows in the CIFS filesystem which allow remote servers to cause memory corruption. Jan Beulich discovered an issue in Xen where local guest users may cause a denial of service (oops). Updated packages are available from security.debian.org.

June 07, 2009 11:24 Debian: New drupal6 packages fix insufficient input sanit...

0

Markus Petrux discovered a cross-site scripting vulnerability in the taxonomy module of drupal6, a fully-featured content management framework. It is also possible that certain browsers using the UTF-7 encoding are vulnerable to a different cross-site scripting vulnerability. Updated packages are available from security.debian.org.

June 07, 2009 11:20 Debian: New cyrus-sasl2 packages fix arbitrary code execu...

0

James Ralston discovered that the sasl_encode64() function of cyrus-sasl2, a free library implementing the Simple Authentication and Security Layer, suffers from a missing null termination in certain situations. This causes several buffer overflows in situations where cyrus-sasl2 itself requires the string to be null terminated which can lead to denial of service or arbitrary code execution. Updated packages are available from security.debian.org.

May 25, 2009 11:02 Debian: New cscope packages fix arbitrary code execution

0

Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files. Updated packages are available from security.debian.org.

May 25, 2009 11:00 Debian: New pidgin packages fix several vulnerabilities

0

Several vulnerabilities have been discovered in Pidgin, a graphical multi-protocol instant messaging client. A buffer overflow in the Jabber file transfer code may lead to denial of service or the execution of arbitrary code. Memory corruption in an internal library may lead to denial of service. Updated packages are available from security.debian.org.

May 25, 2009 10:35 Debian: New ipsec-tools packages fix denial of service

0

Several remote vulnerabilities have been discovered in racoon, the Internet Key Exchange daemon of ipsec-tools. Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets that contain no payload. This results in the daemon crashing which can be used for denial of service attacks. Various memory leaks in the X.509 certificate authentication handling and the NAT-Traversal keepalive implementation can result in memory exhaustion and thus denial of service. Updated packages are available from security.debian.org.

May 25, 2009 10:32 Debian: New squirrelmail packages fix several vulnerabili...

0

Several remote vulnerabilities have been discovered in SquirrelMail, a webmail application. Cross site scripting was possible through a number of pages which allowed an attacker to steal sensitive session data. Code injection was possible when SquirrelMail was configured to use the mapypalias function to authenticate users. This is not the default. It was possible to hijack an active user session by planting a specially crafted cookie into the user’s browser. Specially crafted HTML emails could use the CSS positioning feature to place email content over the SquirrelMail user interface, allowing for phishing. Updated packages are available from security.debian.org.

May 25, 2009 10:30 Debian: New ntp packages fix several vulnerabilities

0

Several remote vulnerabilities have been discovered in NTP, the Network Time Protocol reference implementation. A buffer overflow in ntpq allow a remote NTP server to create a denial of service attack or to execute arbitrary code via a crafted response. A buffer overflow in ntpd allows a remote attacker to create a denial of service attack or to execute arbitrary code when the autokey functionality is enabled. Updated packages are available from security.debian.org.

May 17, 2009 16:32 Debian: New Linux 2.6.26 packages fix several vulnerabili...

0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak. Among other issues found, Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent. Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace. Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data. Updated packages are available from updates.redhat.com.

May 17, 2009 16:20 Debian: New qemu packages fix several vulnerabilities

0

Several vulnerabilities have been discovered in the QEMU processor emulator. Ian Jackson discovered that range checks of file operations on emulated disk devices were insufficiently enforced. It was discovered that an error in the format auto detection of removable media could lead to the disclosure of files in the host system. A buffer overflow has been found in the emulation of the Cirrus graphics adaptor. Updated packages are available from security.debian.org.

May 11, 2009 12:57 Debian: New pango1.0 packages fix arbitrary code execution

0

Will Drewry discovered that pango, a system for layout and rendering of internationalized text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library. Updated packages are available from security.debian.org.

May 11, 2009 12:54 Debian: New xulrunner packages fix several vulnerabilities

0

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. Among others, Moxie Marlinspike discovered that Unicode box drawing characters inside of internationalised domain names could be used for phishing attacks. Igor Bukanov and Bob Clary discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Daniel Veditz discovered that the Content-Disposition: header is ignored within the jar: URI scheme. Gregory Fleischer discovered that the same-origin policy for Flash files is inproperly enforced for files loaded through the view-source scheme, which may result in bypass of cross-domain policy restrictions. Cefn Hoile discovered that sites, which allow the embedding of third-party stylesheets are vulnerable to cross-site scripting attacks through XBL bindings. “moz_bug_r_a4” discovered bypasses of the same-origin policy in the XMLHttpRequest Javascript API and the XPCNativeWrapper. Paolo Amadini discovered that incorrect handling of POST data when saving a web site with an embedded frame may lead to information disclosure. It was discovered that Iceweasel allows Refresh: headers to redirect to Javascript URIs, resulting in cross-site scripting. Several people reported crashes in the in the layout engine, which might allow the execution of arbitrary code. Updated packages are available from security.debian.org.

May 11, 2009 12:51 Debian: New libwmf packages fix denial of service

0

Tavis Ormandy discovered that the embedded GD library copy in libwmf, a library to parse windows metafiles (WMF), makes use of a pointer after it was already freed. An attacker using a crafted WMF file can cause a denial of service or possibly the execute arbitrary code via applications using this library. Updated packages are available from security.debian.org.

May 11, 2009 12:44 Debian: New ldns packages fix arbitrary code execution

0

Stefan Kaltenbrunner discovered that ldns, a library and set of utilities to facilitate DNS programming, did not correctly implement a buffer boundary check in its RR DNS record parser. This weakness could enable overflow of a heap buffer if a maliciously-crafted record is parsed, potentially allowing the execution of arbitrary code. The scope of compromise will vary with the context in which ldns is used, and could present either a local or remote attack vector. Updated packages are available from security.debian.org.

May 11, 2009 11:08 Debian: New Linux 2.6.18 packages fix several vulnerabili...

0

Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak. Bryn M. Reeves reported a denial of service in the NFS filesystem. Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow. Flavio Leitner discovered that a local user can cause a denial of service by generating large amounts of traffic on a large SMP system, resulting in soft lockups. Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent. Christian Borntraeger discovered an issue that allows local users to cause a denial of service or potentially gain elevated privileges. Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service. Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution. Updated packages are available from security.debian.org.

May 11, 2009 11:05 Debian: New kdegraphics packages fix multiple vulnerabili...

0

kpdf is a Portable Document Format (PDF) viewer for KDE. based on xpdf. Multiple buffer overflows in the JBIG2 decoder in kpdf allow remote attackers to cause a denial of service (crash) via a crafted PDF file. The JBIG2 decoder in kpdf allows remote attackers to cause a denial of service (crash) via a crafted PDF file. Integer overflow in the JBIG2 decoder in kpdf allows remote attackers to execute arbitrary code via a crafted PDF file. Updated packages are available from security.debian.org.

May 11, 2009 11:03 Debian: New drupal6 packages fix multiple vulnerabilities

0

Multiple vulnerabilities have been discovered in drupal, a web content management system. pod.Edge discovered a cross-site scripting vulnerability which allows a malicious user to execute arbitrary javascript in the context of the web site if they’re allowed to post content. Moritz Naumann discovered an information disclosure vulnerability which may allow a third party site to execute a cross-site request forgery attack. Updated packages are available from security.debian.org.

May 11, 2009 11:02 Debian: New moin packages fix cross-site scripting

0

It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachements or performing other sub-actions. Updated packages are available from security.debian.org.

May 11, 2009 11:00 Debian: New xpdf packages fix multiple vulnerabilities

0

Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files. Multiple buffer overflows in the JBIG2 decoder allow remote attackers to cause a denial of service (crash) via a crafted PDF file. Multiple “input validation flaws” in the JBIG2 decoder allow remote attackers to execute arbitrary code via a crafted PDF file. Updated packages are available from security.debian.org.

May 11, 2009 10:59 Debian: New quagga packages fix denial of service

0

It was discovered that Quagga, an IP routing daemon, could no longer process the Internet routing table due to broken handling of multiple 4-byte AS numbers in an AS path. If such a prefix is received, the BGP daemon crashes with an assert failure, leading to a denial of service. Updated packages are available from security.debian.org.

May 04, 2009 08:47 Debian: New Linux 2.6.24 packages fix several vulnerabili...

0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. Among other problems, Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function. Hugo Dias reported a DoS condition in the ATM subsystem. Helge Deller discovered a denial of service condition that allows local users on PA-RISC systems to crash a system by attempting to unwind a stack contiaining userspace addresses. Alan Cox discovered a lack of minimum timeouts on SG_IO requests, which allows local users of systems using ATA to cause a denial of service by forcing drives into PIO mode. Vlad Malov reported an issue on 64-bit MIPS systems where a local user could cause a system crash by crafing a malicious binary which makes o32 syscalls with a number less than 4000. Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call. Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent. Christian Borntraeger discovered an issue that allows local users to cause a denial of service or potentially gain elevated privileges. Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory. Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution. Updated packages are available from security.debian.org.

May 04, 2009 08:46 Debian: New acpid packages fix denial of service

0

It was discovered that acpid, a daemon for delivering ACPI events, is prone to a denial of service attack by opening a large number of UNIX sockets, which are not closed properly. Updated packages are available from security.debian.org.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.