oval:org.mitre.oval:def:7815
It was discovered that mahara, an electronic portfolio, weblog, and resume builder is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potentially sensitive data from other users. The oldstable distribution (etch) does not contain ...

oval:org.mitre.oval:def:8093
It was discovered that the Debian Mantis package, a web based bug tracking system, installed the database credentials in a file with world-readable permissions onto the local filesystem. This allows local users to acquire the credentials used to control the Mantis database. This updated package corr ...

oval:org.mitre.oval:def:7855
Mikal Gule discovered that request-tracker, an extensible trouble-ticket tracking system, is prone to an attack, where an attacker with access to the same domain can hijack a user's RT session.

oval:org.mitre.oval:def:7870
Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems: Missing input validation on a user supplied map queryfile name can be ...

oval:org.mitre.oval:def:8025
It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter.

oval:org.mitre.oval:def:8138
Markus Petrux discovered a cross-site scripting vulnerability in the taxonomy module of drupal6, a fully-featured content management framework. It is also possible that certain browsers using the UTF-7 encoding are vulnerable to a different cross-site scripting vulnerability.

oval:org.mitre.oval:def:8375
It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting attacks, which allows the injection of arbitrary Java or HTML code. The oldstable distribution (etch) does not contain mahara.

oval:org.mitre.oval:def:8066
It was discovered that gforge, collaborative development tool, is prone to a cross-site scripting attack via the helpname parameter. Beside fixing this issue, the update also introduces some additional input sanitising. However, there are no known attack vectors. The oldstable distribution (etch), t ...

oval:org.mitre.oval:def:8167
It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks. The oldstable distribution (etch) does not contain ipplan.

oval:org.mitre.oval:def:8043
Vinny Guido discovered that multiple input sanitising vulnerabilities in Fckeditor, a rich text web editor component, may lead to the execution of arbitrary code. The old stable distribution (etch) doesn't contain fckeditor.

oval:org.mitre.oval:def:7916
Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files. Note that this doesn't affect installations that only use the mim ...

oval:org.mitre.oval:def:7911
Several remote vulnerabilities have been discovered in Smarty, a PHP templating engine. The Common Vulnerabilities and Exposures project identifies the following problems: The _expand_quoted_text function allows for certain restrictions in templates, like function calling and PHP execution, to be by ...

oval:org.mitre.oval:def:7856
Multiple vulnerabilities have been discovered in drupal, a web content management system. The Common Vulnerabilities and Exposures project identifies the following problems: pod.Edge discovered a cross-site scripting vulnerability that can be triggered when some browsers interpret UTF-8 strings ...

oval:org.mitre.oval:def:7703
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework. The Common Vulnerabilities and Exposures project identifies the following problems: The Backend subcomponent allows remote authenticated users to determine an encryption key via crafted input to a form ...

oval:org.mitre.oval:def:7880
It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachments or performing other sub-actions. The oldstable distribution (etch) is not vulnerable.

oval:org.mitre.oval:def:7579
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: Cross site scripting vulnerability in the export page allows for an attacker that can place crafted cookies w ...

oval:org.mitre.oval:def:8100
Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to condu ...

oval:org.mitre.oval:def:8213
It was discovered that php-mail, a PHP PEAR module for sending email, has insufficient input sanitising, which might be used to obtain sensitive data from the system that uses php-mail.

oval:org.mitre.oval:def:8185
Several vulnerabilities have been discovered in Tunapie, a GUI frontend to video and radio streams. The Common Vulnerabilities and Exposures project identifies the following problems: Kees Cook discovered that insecure handling of temporary files may lead to local denial of service through symlink a ...

oval:org.mitre.oval:def:7521
Sylvain Beucler discovered that gforge, a collaborative development tool, is prone to a symlink attack, which allows local users to perform a denial of service attack by overwriting arbitrary files. For the oldstable distribution (etch), this problem has been fixed in version 4.5.14-22etch13.

oval:org.mitre.oval:def:7391
The security update for proftpd-dfsg in DSA-1727-1 caused a regression with the postgresql backend. This update corrects the flaw. Also it was discovered that the oldstable distribution (etch) is not affected by the security issues. For reference the original advisory follows. Two SQL injection vuln ...

oval:org.mitre.oval:def:7924
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via ...

oval:org.mitre.oval:def:7952
It was discovered that auth2db, an IDS logger, log viewer and alert generator, is prone to an SQL injection vulnerability, when used with multibyte character encodings. The oldstable distribution (etch) doesn't contain auth2db.

oval:org.mitre.oval:def:7539
It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise input data that is used on SQL queries, which might be used to inject arbitrary SQL to, for example, escalate privileges on a system that uses otrs2. The oldstable distribution is not affected.

oval:org.mitre.oval:def:8258
Marek Grzybowski discovered that changetrack, a program to monitor changes to (configuration) files, is prone to shell command injection via metacharacters in filenames. The behaviour of the program has been adjusted to reject all filenames with metacharacters.

oval:org.mitre.oval:def:8126
Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user provided input. The Horde_Form_Type_image form element allows to reuse a ...

oval:org.mitre.oval:def:7590
It was discovered that in ejabberd, a distributed XMPP/Jabber server written in Erlang, a problem in ejabberd_c2s.erl allows remote authenticated users to cause a denial of service by sending a large number of c2s messages; that triggers an overload of the queue, which in turn causes a crash of the ...

oval:org.mitre.oval:def:8233
Bas van Schaik discovered that WebSVN, a tool to view Subversion repositories over the web, did not properly restrict access to private repositories, allowing a remote attacker to read significant parts of their content. The old stable distribution (etch) is not affected by this problem.

oval:org.mitre.oval:def:8182
Two vulnerabilities have been discovered in mahara, an electronic portfolio, weblog, and resume builder. The Common Vulnerabilities and Exposures project identifies the following problems: Ruslan Kabalin discovered an issue with resetting passwords, which could lead to a privilege escalation of an in ...

oval:org.mitre.oval:def:7942
Max Kanat-Alexander, Bradley Baetz, and Frederic Buclin discovered an SQL injection vulnerability in the Bug.create WebService function in Bugzilla, a web-based bug tracking system, which allows remote attackers to execute arbitrary SQL commands. The oldstable distribution (etch) isn't affected by t ...

oval:org.mitre.oval:def:8072
Several vulnerabilities have been discovered in wordpress, weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing attacks. It was ...

oval:org.mitre.oval:def:7762
Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.

oval:org.mitre.oval:def:7859
Josh Triplett discovered that the blacklist for potentially harmful TeX code of the teximg module of the Ikiwiki wiki compiler was incomplete, resulting in information disclosure. The old stable distribution (etch) is not affected.

oval:org.mitre.oval:def:7457
Ivan Shmakov discovered that the htmlscrubber component of ikiwiki, a wiki compiler, performs insufficient input sanitization on data:image/svg+xml URIs. As these can contain script code this can be used by an attacker to conduct cross-site scripting attacks.

oval:org.mitre.oval:def:7566
Several vulnerabilities have been discovered in moin, a python clone of WikiWiki. The Common Vulnerabilities and Exposures project identifies the following problems: Multiple security issues in MoinMoin related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the Sy ...

oval:org.mitre.oval:def:8385
b.badrignans discovered that OpenSC, a set of smart card utilities, could store private data on a smart card without proper access restrictions. Only blank cards initialised with OpenSC are affected by this problem. This update only improves creating new private data objects, but cards already initi ...

oval:org.mitre.oval:def:7185
It was discovered that php-net-ping, a PHP PEAR module to execute ping independently of the Operating System, performs insufficient input sanitising, which might be used to inject arguments or execute arbitrary commands on a system that uses php-net-ping.

oval:org.secpod.oval:def:600715
It was discovered that the last security update for Ruby on Rails, DSA-2301-1, introduced a regression in the libactionpack-ruby package.

oval:org.mitre.oval:def:7296
It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting (XSS) attacks because of missing input sanitization of the introduction text field in user profiles and any text field in a user view. The oldstable distribution (etch) does not conta ...

oval:org.secpod.oval:def:600701
Several vulnerabilities were discovered in t1lib, a Postscript Type 1 font rasterizer library, some of which might lead to code execution through the opening of files embedding bad fonts. CVE-2010-2642 A heap-based buffer overflow in the AFM font metrics parser potentially leads to the execution of ...

oval:org.secpod.oval:def:600700
Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which makes it e ...

oval:org.secpod.oval:def:600707
Robert Luberda discovered a buffer overflow in the syslog logging code of Super, a tool to execute scripts as if they were root. The default Debian configuration is not affected.

oval:org.secpod.oval:def:600706
Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux. CVE-2011-1831 Vasiliy Kulikov of Openwall and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrar ...

oval:org.secpod.oval:def:600703
Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service.

oval:org.secpod.oval:def:600702
Ray Morris discovered that the PowerDNS authoritative server responds to response packets. An attacker who can spoof the source address of IP packets can cause an endless packet loop between a PowerDNS authoritative server and another DNS server, leading to a denial of service.

oval:org.mitre.oval:def:7290
Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: phpMyAdmin may create a temporary directory, if the configured directory does not exist yet, with insecure filesyst ...

oval:org.secpod.oval:def:600611
Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS cry ...

oval:org.mitre.oval:def:11904
It was discovered that in zonecheck, a tool to check DNS configurations, the CGI does not perform sufficient sanitisation of user input; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks.

oval:org.secpod.oval:def:600612
Several vulnerabilities have been discovered in Rails, the Ruby web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4214 A cross-site scripting vulnerability had been found in the strip_tags function. An attacker may inject non-pri ...

oval:org.secpod.oval:def:600618
Several vulnerabilities were found in Mantis, a web-based bug tracking system: Insufficient input validation could result in local file inclusion and cross-site scripting.

oval:org.secpod.oval:def:600614
Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS cry ...

oval:org.mitre.oval:def:7038
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: David James discovered that the window.opener property allows Chrome pr ...

oval:org.secpod.oval:def:600600
Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco Kampmann and Joerg Schwenk discovered that Shibboleth, a federated web single sign-on system, is vulnerable to XML signature wrapping attacks.

oval:org.secpod.oval:def:600602
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2011-0084 "regenrecht" discovered that incorrect pointer handling in the SVG processi ...

oval:org.secpod.oval:def:600601
David Zych discovered that the ISC DHCP crashes when processing certain packets, leading to a denial of service.

oval:org.secpod.oval:def:600608
Tomas Hoger found a buffer overflow in the X.Org libXfont library, which may allow for a local privilege escalation through crafted font files.

oval:org.secpod.oval:def:600607
Various vulnerabilities have been found in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2010-4554 SquirrelMail did not prevent page rendering inside a third-party HTML frame, which makes it easier for remote attac ...

oval:org.secpod.oval:def:600604
It was discovered that insufficient input sanitising in Freetype's code to parse Type1 could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600630
It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.

oval:org.secpod.oval:def:600637
It has been discovered by "frosty_un" that a design flaw in Tor, an online privacy tool, allows malicious relay servers to learn certain information that they should not be able to learn. Specifically, a relay that a user connects to directly could learn which other relays that user is con ...

oval:org.secpod.oval:def:600515
It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachments or performing other sub-actions. For the stable distribution, this problem has been fixed in version 1.7.1-3+lenny2. The oldstable distribution is n ...

oval:org.secpod.oval:def:600518
Bas van Schaik discovered that WebSVN, a tool to view Subversion repositories over the web, did not properly restrict access to private repositories, allowing a remote attacker to read significant parts of their content. The old stable distribution is not affected by this problem. For the stable di ...

oval:org.secpod.oval:def:600639
Leo Iannacone and Colin Watson discovered a format string vulnerability in the Python bindings for the Clearsilver HTML template system, which may lead to denial of service or the execution of arbitrary code.

oval:org.secpod.oval:def:600621
Several fraudulent SSL certificates have been found in the wild issued by the DigiNotar Certificate Authority, obtained through a security compromise of said company. After further updates on this incident, it has been determined that all of DigiNotar's signing certificates can no longer be trusted. ...

oval:org.secpod.oval:def:600624
It was discovered that libsoup2.4, a HTTP library implementation in C, is not properly validating input when processing requests made to SoupServer. A remote attacker can exploit this flaw to access system files via a directory traversal attack.

oval:org.secpod.oval:def:600620
It has been discovered that the bcfg2 server, a configuration management server for bcfg2 clients, is not properly sanitizing input from bcfg2 clients before passing it to various shell commands. This enables an attacker in control of a bcfg2 client to execute arbitrary commands on the server with r ...

oval:org.secpod.oval:def:600508
Josh Triplett discovered that the blacklist for potentially harmful TeX code of the teximg module of the Ikiwiki wiki compiler was incomplete, resulting in information disclosure. The old stable distribution is not affected. For the stable distribution, this problem has been fixed in version 2.53. ...

oval:org.secpod.oval:def:600629
It was discovered that Tor, an online privacy tool, incorrectly computes buffer sizes in certain cases involving SOCKS connections. Malicious parties could use this to cause a heap-based buffer overflow, potentially allowing execution of arbitrary code. In Tor's default configuration this issue can ...

oval:org.mitre.oval:def:7097
It was discovered that mahara, an electronic portfolio, weblog, and resume builder is not properly escaping input when generating a unique username based on a remote user name from a single sign-on application. An attacker can use this to compromise the mahara database via crafted user names.

oval:org.mitre.oval:def:7093
Jamie Strandboge discovered that moin, a python clone of WikiWiki, does not sufficiently sanitize the page name in "Despam" action, allowing remote attackers to perform cross-site scripting attacks. In addition, this update fixes a minor issue in the "textcha" protection, it could be trivially bypa ...

oval:org.secpod.oval:def:600507
Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper. For the stable distribution, this problem has been fixed in version 2.1.0-7. For the oldstable distributio ...

oval:org.mitre.oval:def:7089
Several vulnerabilities have been discovered in drupal6, a fully-featured content management framework. A user-supplied value is directly output during installation allowing a malicious user to craft a URL and perform a cross-site scripting attack. The exploit can only be conducted on sites not yet ...

oval:org.secpod.oval:def:600655
Tim Starling discovered that the Debian-native CGI wrapper for man2html, a program to convert UNIX man pages to HTML, is not properly escaping user-supplied input when displaying various error messages. A remote attacker can exploit this flaw to conduct cross-site scripting attacks.

oval:org.secpod.oval:def:600533
It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query. In addition, this update improves the level of DNSSEC support in the lenny version of Unbound so that it is possible for system administrators to c ...

oval:org.secpod.oval:def:600536
Wouter Coekaerts discovered that the jabber server component of citadel, a complete and feature-rich groupware server, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service ...

oval:org.secpod.oval:def:600657
The dokuwiki update included in Debian Lenny 5.0.9 to address a cross site scripting issue had a regression rendering links to external websites broken. This update corrects that regression.

oval:org.secpod.oval:def:600656
It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.

oval:org.secpod.oval:def:600411
Several vulnerabilities have been discovered in webkit, a Web content engine library for Gtk+. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute arbitrary co ...

oval:org.secpod.oval:def:600532
It was discovered that the STARTTLS implementation of the Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in place.

oval:org.secpod.oval:def:600653
It was discovered that Unbound, a recursive DNS resolver, would crash when processing certain malformed DNS responses from authoritative DNS servers, leading to denial of service. CVE-2011-4528 Unbound attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone. ...

oval:org.secpod.oval:def:600652
It was discovered that ChaSen, a Japanese morphological analysis system, contains a buffer overflow, potentially leading to arbitrary code execution in programs using the library.

oval:org.secpod.oval:def:600538
Several vulnerabilities have been discovered in Rails, the Ruby web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-0446 Multiple cross-site scripting vulnerabilities when JavaScript encoding is used, allow remote attackers to inje ...

oval:org.secpod.oval:def:600537
Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the serv ...

oval:org.secpod.oval:def:600658
The ProFTPD security update, DSA-2346-1, introduced a regression, preventing successful TLS connections. This regression does not affect the stable distribution, nor the testing and unstable distributions.

oval:org.secpod.oval:def:600539
Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1752 The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. CVE- ...

oval:org.secpod.oval:def:600644
It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.

oval:org.secpod.oval:def:600525
Several remote vulnerabilities have been discovered in python-zodb, a set of tools for using ZODB, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identified the following problems: CVE-2009-0668 The ZEO server doesn't restrict the call ...

oval:org.secpod.oval:def:600641
The information security group at ETH Zurich discovered a denial of service vulnerability in the crypto helper handler of the IKE daemon pluto.

oval:org.mitre.oval:def:7075
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: A NULL pointer dereference was found in the SMB/S ...

oval:org.secpod.oval:def:600406
It was discovered that gforge, collaborative development tool, is prone to a cross-site scripting attack via the helpname parameter. Beside fixing this issue, the update also introduces some additional input sanitising. However, there are no known attack vectors. For the stable distribution, these ...

oval:org.mitre.oval:def:7069
Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences or inline MIME text p ...

oval:org.mitre.oval:def:7065
The forms library of python-django, a high-level Python web development framework, is using a badly chosen regular expression when validating email addresses and URLs. An attacker can use this to perform denial of service attacks (100% CPU consumption) due to bad backtracking via a specially cra ...

oval:org.mitre.oval:def:7189
Stefan Goebel discovered that the Debian version of trac-git, the Git add-on for the Trac issue tracking system, contains a flaw which enables attackers to execute code on the web server running trac-git by sending crafted HTTP queries. The old stable distribution does not contain a trac-git packag ...

oval:org.secpod.oval:def:600313
The forms library of python-django, a high-level Python web development framework, is using a badly chosen regular expression when validating email addresses and URLs. An attacker can use this to perform denial of service attacks due to bad backtracking via a specially crafted email address or URL ...

oval:org.secpod.oval:def:600437
Several remote vulnerabilities have been discovered in the zope, a feature-rich web application server written in python, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identified the following problems: Due to a programming error an a ...

oval:org.secpod.oval:def:600558
Two security vulnerabilities have been discovered in Mahara, a fully featured electronic portfolio, weblog, resume builder and social networking system: CVE-2011-0439 A security review commissioned by a Mahara user discovered that Mahara processes unsanitized input which can lead to cross-site scrip ...

oval:org.secpod.oval:def:600678
Advisory DSA 2363-1 did not include a package for the Debian 5.0 "Lenny" suite at that time. This update adds that package. The original advisory text follows. It was discovered that Movable Type, a weblog publishing system, contains several security vulnerabilities: A remote attacker could execute ...

oval:org.secpod.oval:def:600552
It has been discovered that the Quagga routing daemon contains two denial-of-service vulnerabilities in its BGP implementation: CVE-2010-1674 A crafted Extended Communities attribute triggers a null pointer dereference which causes the BGP daemon to crash. The crafted attributes are not propagated b ...

oval:org.secpod.oval:def:600554
Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3677 It was discovered that MySQL allows remote authenticated users to cause a denial of service via a join query that uses a table ...

oval:org.mitre.oval:def:6808
Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: A local file inclusion vulnerability allows remote attackers to execute arbitrary PHP code and include ...

oval:org.secpod.oval:def:600553
Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2011-1402 It was discovered that previous versions of Mahara did not check user credentials before adding a secret ...

oval:org.secpod.oval:def:600674
A cross-site scripting vulnerability was discovered in the rst parser of Moin, a Python clone of WikiWiki.

oval:org.secpod.oval:def:600319
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3628 The Backend subcomponent allows remote authenticated users to determine an encryption key via crafted i ...

oval:org.secpod.oval:def:600671
David Wheeler discovered a buffer overflow in ldns's code to parse RR records, which could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600670
Multiple security issues have been discovered in cyrus-imapd, a highly scalable mail system designed for use in enterprise environments. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-3208 Coverity discovered a stack-based buffer overflow in the NNTP ser ...

oval:org.secpod.oval:def:600544
Jakub Wilk discovered that the dpkg-source component of dpkg, the Debian package management system, doesn't correctly handle paths in patches of source packages, which could make it traverse directories. Raphaël Hertzog additionally discovered that symbolic links in the .pc directory are follow ...

oval:org.secpod.oval:def:600668
It was discovered that missing input sanitising in Freetype's processing of CID-keyed fonts could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600420
Markus Petrux discovered a cross-site scripting vulnerability in the taxonomy module of drupal6, a fully-featured content management framework. It is also possible that certain browsers using the UTF-7 encoding are vulnerable to a different cross-site scripting vulnerability. For the stable distribu ...

oval:org.secpod.oval:def:600541
Ulrik Persson reported a stack-based buffer overflow flaw in FontForge, a font editor. When processing a crafted Bitmap Distribution Format file, FontForge could crash or execute arbitrary code with the privileges of the user running FontForge.

oval:org.secpod.oval:def:600662
Petr Sklenar and Tomas Hoger discovered that missing input sanitising in the GIF decoder inside the Cups printing system could lead to denial of service or potentially arbitrary code execution through crafted GIF files.

oval:org.secpod.oval:def:600661
Multiple vulnerabilities were found in acpid, the Advanced Configuration and Power Interface event daemon: CVE-2011-1159 Vasiliy Kulikov of OpenWall discovered that the socket handling is vulnerable to denial of service. CVE-2011-2777 Oliver-Tobias Ripka discovered that incorrect process handlin ...

oval:org.secpod.oval:def:600543
Several vulnerabilities were found in Request Tracker, an issue tracking system. CVE-2011-1685 If the external custom field feature is enabled, Request Tracker allows authenticated users to execute arbitrary code with the permissions of the web server, possibly triggered by a cross-site request forgery at ...

oval:org.secpod.oval:def:600664
It was discovered that Puppet, a centralized configuration management solution, misgenerated certificates if the "certdnsnames" option was used. This could lead to man-in-the-middle attacks.

oval:org.secpod.oval:def:600542
OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to inject arbitrary commands in the arguments of this utility. If a local unprivileged user is authorized by sudoers file to run opcontrol as root, this user coul ...

oval:org.secpod.oval:def:600428
It was discovered that roundup, an issue tracker with a command-line, web and email interface, allows users to edit resources in unauthorized ways, including granting themselves admin rights. This update introduces stricter access checks, actually enforcing the configured permissions and roles. This ...

oval:org.secpod.oval:def:600427
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3696 Cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or ...

oval:org.secpod.oval:def:600429
The previous update introduced a regression in main.php, causing the module to fail. This update corrects the flaw. For reference the original advisory text is below. It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack ...

oval:org.secpod.oval:def:600336
It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting attacks because of missing input sanitization of the introduction text field in user profiles and any text field in a user view. The oldstable distribution does not contain mahara. ...

oval:org.secpod.oval:def:600335
David Kierznowski discovered that libcurl, a multi-protocol file transfer library, when configured to follow URL redirects automatically, does not question the new target location. As libcurl also supports file:// and scp:// URLs - depending on the setup - an untrusted server could use that to expos ...

oval:org.secpod.oval:def:600577
Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-0083 / CVE-2011-2363 "regenrecht" discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. CVE-2011-0085 "regenrecht" discovered a use-afte ...

oval:org.secpod.oval:def:600698
It was discovered that the foomatic-filters, a support package for setting up printers, allowed authenticated users to submit crafted print jobs which would execute shell commands on the print servers. CVE-2011-2697 was assigned to the vulnerability in the Perl implementation included in lenny, and ...

oval:org.secpod.oval:def:600459
It was discovered that squid3, a high-performance proxy caching server for web clients, is prone to several denial of service attacks. Due to incorrect bounds checking and insufficient validation while processing response and request data an attacker is able to crash the squid daemon via crafted req ...

oval:org.secpod.oval:def:600337
Several vulnerabilities have been discovered in Tunapie, a GUI frontend to video and radio streams. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1253 Kees Cook discovered that insecure handling of temporary files may lead to local denial of service thr ...

oval:org.secpod.oval:def:600211
Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon: CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption. CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in t ...

oval:org.secpod.oval:def:600210
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSi ...

oval:org.secpod.oval:def:600331
Sylvain Beucler discovered that gforge, a collaborative development tool, is prone to a symlink attack, which allows local users to perform a denial of service attack by overwriting arbitrary files. For the stable distribution, this problem has been fixed in version 4.7~rc2-7lenny3. The oldstable d ...

oval:org.secpod.oval:def:600213
Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name Service server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service.

oval:org.secpod.oval:def:600334
It was discovered that auth2db, an IDS logger, log viewer and alert generator, is prone to an SQL injection vulnerability, when used with multibyte character encodings. For the stable distribution, this problem has been fixed in version 0.2.5-2+dfsg-1+lenny1. The oldstable distribution doesn't con ...

oval:org.secpod.oval:def:600576
Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation. This hands the server a copy of the client's security credentials, allowing the server to impersonate the client to any other using the same GSSAPI mechanism. This is obviously ...

oval:org.secpod.oval:def:600696
It was discovered that cyrus-imapd, a highly scalable mail system designed for use in enterprise environments, is not properly parsing mail headers when a client makes use of the IMAP threading feature. As a result, a NULL pointer is dereferenced which crashes the daemon. An attacker can trigger thi ...

oval:org.secpod.oval:def:600572
Mark Martinec discovered that Perl incorrectly clears the tainted flag on values returned by case conversion functions such as "lc". This may expose preexisting vulnerabilities in applications which use these functions while processing untrusted input. No such applications are known at thi ...

oval:org.secpod.oval:def:600693
Paul McMillan, Mozilla and the Django core team discovered several vulnerabilities in Django, a Python web framework: CVE-2011-4136 When using memory-based sessions and caching, Django sessions are stored directly in the root namespace of the cache. When user data is stored in the same cache, a remo ...

oval:org.secpod.oval:def:600692
The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code.

oval:org.secpod.oval:def:600567
It was discovered that the STARTTLS implementation of the Kolab Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in p ...

oval:org.secpod.oval:def:600203
It was discovered that telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, is processing google:jingleinfo updates without validating their origin. This may allow an attacker to trick telepathy-gabble into relaying streamed media data through a server of his choice and ...

oval:org.secpod.oval:def:600569
Two vulnerabilities were discovered in Ruby on Rails, a web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3086 The cookie store may be vulnerable to a timing attack, potentially allowing remote attackers to forge message digest ...

oval:org.secpod.oval:def:600689
Several vulnerabilities were discovered in ProFTPD, an FTP server: ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411. CVE-2011-4130 ProFTPD uses a response pool after freeing it under exceptional conditio ...

oval:org.secpod.oval:def:600442
It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting attacks, which allows the injection of arbitrary Java or HTML code. For the stable distribution, this problem has been fixed in version 1.0.4-4+lenny1. The oldstable distribution do ...

oval:org.secpod.oval:def:600563
It was discovered that pam-pgsql, a PAM module to authenticate using a PostgreSQL database, was vulnerable to a buffer overflow in supplied IP-addresses.

oval:org.secpod.oval:def:600684
Several weak certificates were issued by Malaysian intermediate CA "Digicert Sdn. Bhd." This event, along with other issues, has led Entrust Inc. and Verizon Cybertrust to revoke the CA's cross-signed certificates. This update to OpenSSL, a Secure Sockets Layer toolkit, reflects this d ...

oval:org.secpod.oval:def:600562
BIND, a DNS server, contains a defect related to the processing of new DNSSEC DS records by the caching resolver, which may lead to name resolution failures in the delegated zone. If DNSSEC validation is enabled, this issue can make domains ending in .COM unavailable when the DS record for .COM ...

oval:org.secpod.oval:def:600202
Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access.

oval:org.secpod.oval:def:600686
Michael Brooks discovered a reflective XSS flaw in cgiirc, a web based IRC client, which could lead to the execution of arbitrary JavaScript.

oval:org.secpod.oval:def:600328
Several vulnerabilities have been discovered in wordpress, a weblog manager. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-6762 It was discovered that wordpress is prone to an open redirect vulnerability which allows remote attackers to conduct phishing a ...

oval:org.secpod.oval:def:600680
It was discovered that missing input sanitising in Freetype's glyph handling could lead to memory corruption, resulting in denial of service or the execution of arbitrary code.

oval:org.secpod.oval:def:600560
Chris Evans discovered that libxml was vulnerable to buffer overflows, which allowed a crafted XML input file to potentially execute arbitrary code.

oval:org.secpod.oval:def:600681
Several vulnerabilities were discovered in Mahara, an electronic portfolio, weblog, and resume builder: CVE-2011-2771 Teemu Vesala discovered that missing input sanitising of RSS feeds could lead to cross-site scripting. CVE-2011-2772 Richard Mansfield discovered that insufficient upload restriction ...

oval:org.secpod.oval:def:600237
Nicolas Gregoire discovered that the XML Security Library xmlsec allowed remote attackers to create or overwrite arbitrary files through specially crafted XML files using the libxslt output extension and a ds:Transform element during signature verification.

oval:org.secpod.oval:def:600358
It was discovered that ejabberd, a distributed, fault-tolerant Jabber/XMPP server, does not sufficiently sanitise MUC logs, allowing remote attackers to perform cross-site scripting attacks. For the stable distribution, this problem has been fixed in version 2.0.1-6+lenny1. The oldstable distribut ...

oval:org.secpod.oval:def:600596
Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2703 Several instances of insufficient escaping of user inpu ...

oval:org.secpod.oval:def:600113
Sebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager allows a local user to elevate privileges to root. For the stable distribution, this problem has been fixed in version 4:3.5.9.dfsg.1-6+lenny1. For the unstable distribution, this problem will b ...

oval:org.secpod.oval:def:600355
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1150 Cross site scripting vulnerability in the export page allows for an attacker that can place cra ...

oval:org.secpod.oval:def:600471
It was discovered that php-net-ping, a PHP PEAR module to execute ping independently of the Operating System, performs insufficient input sanitising, which might be used to inject arguments or execute arbitrary commands on a system that uses php-net-ping. For the stable distribution, this problem ...

oval:org.secpod.oval:def:600592
It was discovered that horde3, the horde web application framework, is prone to a cross-site scripting attack and a cross-site request forgery.

oval:org.secpod.oval:def:600591
Sebastian Krahmer discovered that opie, a system that makes it simple to use One-Time passwords in applications, is prone to a privilege escalation and an off-by-one error, which can lead to the execution of arbitrary code. Adam Zabrocki and Maksymilian Arciemowicz also discovered another off-by-o ...

oval:org.secpod.oval:def:600110
Jeremy James discovered that in zope-ldapuserfolder, a Zope extension used to authenticate against an LDAP server, the authentication code does not verify the password provided for the emergency user. Malicious users that manage to get the emergency user login can use this flaw to gain administrativ ...

oval:org.secpod.oval:def:600231
Sebastian Krahmer and Marius Tomaschewski discovered that dhclient of dhcp3, a DHCP client, is not properly filtering shell meta-characters in certain options in DHCP server responses. These options are reused in an insecure fashion by dhclient scripts. This allows an attacker to execute arbitrary c ...

oval:org.mitre.oval:def:6966
It was discovered that firefox-sage, a lightweight RSS and Atom feed reader for Firefox, does not sanitise the RSS feed information correctly, which makes it prone to a cross-site scripting and a cross-domain scripting attack.

oval:org.secpod.oval:def:600590
Jamie Strandboge noticed that the patch proposed to fix CVE-2011-1760 in OProfile has been incomplete. For reference, the description of the original DSA is: OProfile is a performance profiling tool which is configurable by opcontrol, its control utility. Stephane Chauveau reported several ways to ...

oval:org.secpod.oval:def:600347
Several remote vulnerabilities have been discovered in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1578 Cross site scripting was possible through a number of pages which allowed an attacker to steal sensitive sessi ...

oval:org.secpod.oval:def:600104
Several vulnerabilities have been discovered in mediawiki, a web-based wiki engine. The following issues have been identified: Insufficient input sanitization in the CSS validation code allows editors to display external images in wiki pages. This can be a privacy concern on public wikis as it allow ...

oval:org.secpod.oval:def:600107
It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise input data that is used in SQL queries, which might be used to inject arbitrary SQL to, for example, escalate privileges on a system that uses otrs2. The oldstable distribution is not affected. For the stable d ...

oval:org.secpod.oval:def:600106
It was discovered that smbind, a PHP-based tool for managing DNS zones for BIND, does not properly validate input. An unauthenticated remote attacker could execute arbitrary SQL commands or gain access to the admin account. For the stable distribution, this problem has been fixed in version 0.4.7 ...

oval:org.secpod.oval:def:600100
The update for TYPO3 in DSA 2098 introduced a regression which could make the backend functionality unusable. This update corrects the problem. For reference, the original advisory is below. Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site Scr ...

oval:org.secpod.oval:def:600221
Moritz Naumann discovered that imp4, a webmail component for the horde framework, is prone to cross-site scripting attacks by a lack of input sanitising of certain fetchmail information.

oval:org.secpod.oval:def:600342
Mikal Gule discovered that request-tracker, an extensible trouble-ticket tracking system, is prone to an attack, where an attacker with access to the same domain can hijack a user's RT session. For the stable distribution, this problem has been fixed in version 3.6.7-5+lenny3. For the oldstable dis ...

oval:org.secpod.oval:def:600345
It was discovered that squid3, a high-performance proxy caching server for web clients, is prone to several denial of service attacks. Due to incorrect bounds checking and insufficient validation while processing response and request data an attacker is able to crash the squid daemon via crafted req ...

oval:org.secpod.oval:def:600587
Paul Belanger reported a vulnerability in Asterisk identified as AST-2011-008 through which an unauthenticated attacker may crash an Asterisk server remotely. A package containing a null char causes the SIP header parser to alter unrelated memory structures. Jared Mauch reported a vulnerability in ...

oval:org.secpod.oval:def:600223
This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as untrusted.

oval:org.secpod.oval:def:600465
Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user provided input. The Horde_Form_Type_image form element allows to reuse a ...

oval:org.secpod.oval:def:600586
DSA 2276-1 for Asterisk in the oldstable distribution introduced a functionality bug which invokes an undefined symbol.

oval:org.secpod.oval:def:600109
Bob Clary, Dan Kaminsky and David Keeler discovered that in libtheora, a video library part of the Ogg project, several flaws allow context-dependent attackers via a large and specially crafted media file, to cause a denial of service, and possibly arbitrary code execution. For the stable dis ...

oval:org.secpod.oval:def:600108
It was discovered that ajaxterm, a web-based terminal, generates weak and predictable session IDs, which might be used to hijack a session or cause a denial of service attack on a system that uses ajaxterm. For the oldstable distribution, the problem has been fixed in version 0.9-2+etch1. For the s ...

oval:org.secpod.oval:def:600460
It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potentially sensitive data from other users. The oldstable distribution does not contain mahar ...

oval:org.secpod.oval:def:600580
It was discovered that Perl's Safe module - a module to compile and execute code in restricted compartments - could be bypassed. Please note that this update is known to break Petal, an XML-based templating engine. A fix is not yet available. If you use Petal, you might consider to put the previous ...

oval:org.secpod.oval:def:600138
Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. For the stable distribution, this problem has been fixe ...

oval:org.secpod.oval:def:600258
Sebastien Helleu discovered that an error in the handling of color codes in the weechat IRC client could cause an out-of-bounds read of an internal color array. This can be used by an attacker to crash user clients via a crafted PRIVMSG command. The weechat version in the oldstable distribution is ...

oval:org.secpod.oval:def:600019
DSA-2106-1 introduced a regression that could lead to an application crash. This update fixes this problem. For reference, the text of the original advisory is provided below. Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vul ...

oval:org.secpod.oval:def:600018
Several remote vulnerabilities have been discovered in Moodle, a course management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1613 Moodle does not enable the "Regenerate session id during login" setting by default, which makes it ea ...

oval:org.secpod.oval:def:600139
Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-1667 Multiple pages performed insufficient input sanitising, making them vulnerable to cross-site scripting a ...

oval:org.secpod.oval:def:600012
Alasdair Kergon discovered that the cluster logical volume manager daemon in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service. For the stable distribution, this problem has been fixed in versi ...

oval:org.secpod.oval:def:600254
Several remote vulnerabilities have been discovered in Smarty, a PHP templating engine. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-4810 The _expand_quoted_text function allows for certain restrictions in templates, like function calling and PHP execu ...

oval:org.secpod.oval:def:600136
Bui Quang Minh discovered that libxml2, a library for parsing and handling XML data files, does not properly process a malformed XPATH, causing a crash and allowing arbitrary code execution. For the stable distribution, this problem has been fixed in version 2.6.32.dfsg-5+lenny2. For the testing and uns ...

oval:org.secpod.oval:def:600014
David Leadbeater discovered an integer underflow that could be triggered via the LINKS command and can lead to a denial of service or the execution of arbitrary code. This issue affects both ircd-hybrid and ircd-ratbox. It was discovered that the ratbox IRC server is prone to a denial of service a ...

oval:org.mitre.oval:def:6827
It was discovered that ajaxterm, a web-based terminal, generates weak and predictable session IDs, which might be used to hijack a session or cause a denial of service attack on a system that uses ajaxterm.

oval:org.secpod.oval:def:600011
Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0403 A local file inclusion vulnerability allows remote attackers to execute arbitrary PHP co ...

oval:org.secpod.oval:def:600494
Vinny Guido discovered that multiple input sanitising vulnerabilities in Fckeditor, a rich text web editor component, may lead to the execution of arbitrary code. The old stable distribution doesn't contain fckeditor. For the stable distribution, this problem has been fixed in version 1:2.6.2-1len ...

oval:org.secpod.oval:def:600489
It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks. For the stable distribution, this problem has been fixed in version 4.86a-7+lenny1. The oldstable ...

oval:org.secpod.oval:def:600002
A vulnerability has been found in krb5, the MIT implementation of Kerberos. MIT krb5 clients incorrectly accept unkeyed checksums in the SAM-2 preauthentication challenge: An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of r ...

oval:org.secpod.oval:def:600123
Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based groupware suite: Missing input sanitising in the spellchecker integration may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page. For the stable distribution, ...

oval:org.secpod.oval:def:600001
Ivan Shmakov discovered that the htmlscrubber component of ikwiki, a wiki compiler, performs insufficient input sanitization on data:image/svg+xml URIs. As these can contain script code this can be used by an attacker to conduct cross-site scripting attacks. For the stable distribution, this proble ...

oval:org.secpod.oval:def:600364
It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a "\0" character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled. For the stable distribution, this problem has been ...

oval:org.secpod.oval:def:600487
Multiple vulnerabilities have been discovered in drupal, a web content management system. pod.Edge discovered a cross-site scripting vulnerability that can be triggered when some browsers interpret UTF-8 strings as UTF-7 if they appear before the generated HTML document defines its Content-Type. ...

oval:org.secpod.oval:def:600000
A regression was found in the patch applied in DSA 1919-1 to smarty, which caused compilation failures on some specific templates. This update corrects the fix. For reference, the full advisory text is below. Several remote vulnerabilities have been discovered in Smarty, a PHP templating engine. The Co ...

oval:org.secpod.oval:def:600120
It was discovered that imlib2, a library to load and process several image formats, did not properly process various image file types. Several heap and stack based buffer overflows - partly due to integer overflows - in the ARGB, BMP, JPEG, LBM, PNM, TGA and XPM loaders can lead to the execution of ...

oval:org.secpod.oval:def:600156
It was discovered that mahara, an electronic portfolio, weblog, and resume builder is not properly escaping input when generating a unique username based on a remote user name from a single sign-on application. An attacker can use this to compromise the mahara database via crafted user names. For th ...

oval:org.secpod.oval:def:600398
Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to condu ...

oval:org.secpod.oval:def:600037
It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services, missed input sanitising, making an SQL injection attack possible. For the stable distribution, this problem has been fixed in version 0.8.7b-2.1+lenny2. For the unstable distribution, this problem will be fixed ...

oval:org.secpod.oval:def:600036
tixxDZ discovered a vulnerability in the mplayer movie player. Missing data validation in mplayer's real data transport implementation enables an integer underflow and consequently an unbounded buffer operation. A maliciously crafted stream could thus enable an attacker to execute arbitrary code. N ...

oval:org.secpod.oval:def:600399
It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter. For the oldstable distribution, this problem has been fixed in version 3.0-2+etch1. For the stable distribution, this problem has been fix ...

oval:org.mitre.oval:def:6884
It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services, missed input sanitising, making an SQL injection attack possible.

oval:org.secpod.oval:def:600393
It was discovered that dkim-milter, an implementation of the DomainKeys Identified Mail protocol, may crash during DKIM verification if it encounters a specially-crafted or revoked public key record in DNS. The old stable distribution does not contain dkim-milter packages. For the stable distributi ...

oval:org.secpod.oval:def:600033
Stefan Goebel discovered that the Debian version of trac-git, the Git add-on for the Trac issue tracking system, contains a flaw which enables attackers to execute code on the web server running trac-git by sending crafted HTTP queries. The old stable distribution does not contain a trac-git packag ...

oval:org.secpod.oval:def:600396
It was discovered that the Debian Mantis package, a web based bug tracking system, installed the database credentials in a file with world-readable permissions onto the local filesystem. This allows local users to acquire the credentials used to control the Mantis database. This updated package corr ...

oval:org.secpod.oval:def:600032
It was discovered that collectd, a statistics collection and monitoring daemon, is prone to a denial of service attack via a crafted network packet. For the stable distribution, this problem has been fixed in version 4.4.2-3+lenny1. For the testing distribution, this problem has been fixed in vers ...

oval:org.secpod.oval:def:600153
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site scripting, open redirection, SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution. The testing distribution ...

oval:org.secpod.oval:def:600395
Marek Grzybowski discovered that changetrack, a program to monitor changes to files, is prone to shell command injection via metacharacters in filenames. The behaviour of the program has been adjusted to reject all filenames with metacharacters. For the stable distribution, this problem has been f ...

oval:org.secpod.oval:def:600269
Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0843 Missing input validation on a user supplied map queryfi ...

oval:org.secpod.oval:def:600266
Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services. The Common Vulnerabilities and Exposures project identifies the following problems: An incorrect format string in sscanf use ...

oval:org.secpod.oval:def:600146
Several vulnerabilities have been discovered in Moodle, an online course management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4297 Multiple cross-site request forgery vulnerabilities have been discovered. CVE-2009-4298 It has been discovere ...

oval:org.mitre.oval:def:6751
Several vulnerabilities have been discovered in dokuwiki, a standards compliant simple to use wiki. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that an internal variable is not properly sanitized before being used to list directories. This ca ...

oval:org.mitre.oval:def:6873
Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based groupware suite: Missing input sanitising in the spellchecker integration may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page.

oval:org.secpod.oval:def:600140
It was discovered that a programming error in the archive test mode of cabextract, a program to extract Microsoft Cabinet files, could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 1.2-3+lenny1. For the unstable distribution, this prob ...

oval:org.secpod.oval:def:600382
Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files. Note that this doesn't affect installations that only use the mim ...

oval:org.secpod.oval:def:600022
The trac-git package released in DSA-1990-1 had a wrong dependency that could not be satisfied in Debian stable. This update corrects this problem. For reference, the original advisory text is provided below. Stefan Goebel discovered that the Debian version of trac-git, the Git add-on for the Trac i ...

oval:org.secpod.oval:def:600263
Two vulnerabilities have been discovered in, an electronic portfolio, weblog, and resume builder. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3298 Ruslan Kabalin discovered an issue with resetting passwords, which could lead to a privilege escalation o ...

oval:org.secpod.oval:def:600299
It was discovered that firefox-sage, a lightweight RSS and Atom feed reader for Firefox, does not sanitise the RSS feed information correctly, which makes it prone to a cross-site scripting and a cross-domain scripting attack. For the stable distribution, this problem has been fixed in version 1.4. ...

oval:org.secpod.oval:def:600056
Kevin Finisterre discovered that several integer overflows in the TIFF library could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 3.8.2-11.3. For the unstable distribution, this problem has been fixed in version 3.9.4-1. We recommend ...

oval:org.secpod.oval:def:600177
It was discovered a regression of a buffer overflow in nbd, the Network Block Device server, that could allow arbitrary code execution on the NBD server via a large request.

oval:org.secpod.oval:def:600298
Max Kanat-Alexander, Bradley Baetz, and Frédéric Buclin discovered an SQL injection vulnerability in the Bug.create WebService function in Bugzilla, a web-based bug tracking system, which allows remote attackers to execute arbitrary SQL commands. For the stable distribution, t ...

oval:org.secpod.oval:def:600058
It was discovered that in zonecheck, a tool to check DNS configurations, the CGI does not perform sufficient sanitation of user input; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. For the stable distribution, this problem has been fix ...

oval:org.secpod.oval:def:600176
Andres Lopez Luksenberg discovered a buffer overflow in the OID parser of libsmi, a library to access SMI MIB data.

oval:org.secpod.oval:def:600054
It was discovered that moin, a python clone of WikiWiki, does not sufficiently sanitize parameters when passing them to the add_msg function. This allows remote attackers to conduct cross-site scripting attacks, for example via the template parameter. For the stable distribution, this problem has ...

oval:org.secpod.oval:def:600051
DSA-2115-1 introduced a regression because it lacked a dependency on the wwwconfig-common package, leading to installation problems. This update addresses this issue. For reference, the text of the original advisory is provided below. Several remote vulnerabilities have been discovered in Moodle, a ...

oval:org.secpod.oval:def:600172
Two vulnerabilities were discovered in the distributed filesystem AFS: CVE-2011-0430 Andrew Deason discovered that a double free in the Rx server process could lead to denial of service or the execution of arbitrary code. CVE-2011-0431 It was discovered that insufficient error handling in the kernel mo ...

oval:org.secpod.oval:def:600171
Volker Lendecke discovered that missing range checks in Samba's file descriptor handling could lead to memory corruption, resulting in denial of service.

oval:org.secpod.oval:def:600049
Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-7251 phpMyAdmin may create a temporary directory, if the configured directory does not exist yet, with ins ...

oval:org.secpod.oval:def:600046
Several remote vulnerabilities have been discovered in TYPO3. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3714 Multiple remote file disclosure vulnerabilities in the jumpUrl mechanism and the Extension Manager allowed attackers to read files with the ...

oval:org.secpod.oval:def:600289
Several vulnerabilities have been found in drupal6, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2372 Gerhard Killesreiter discovered a flaw in the way user signatures are handled. It is possible for a use ...

oval:org.secpod.oval:def:600164
Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals.

oval:org.mitre.oval:def:11696
Stefan Esser discovered that cacti, a front-end to rrdtool for monitoring systems and services, is not properly validating input passed to the rra_id parameter of the graph.php script. Due to checking the input of $_REQUEST but using $_GET input in a query an unauthenticated attacker is able to perf ...

oval:org.secpod.oval:def:600078
It was discovered that phpLDAPadmin, a web based interface for administering LDAP servers, doesn't sanitize an internal variable, which allows remote attackers to include and execute arbitrary local files. The oldstable distribution is not affected by this problem. For the stable distribution, thi ...

oval:org.secpod.oval:def:600199
Matthew Nicholson discovered a buffer overflow in the SIP channel driver of Asterisk, an open source PBX and telephony toolkit, which could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600075
Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3237 It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences or inli ...

oval:org.secpod.oval:def:600191
Dominik George discovered that logwatch does not guard against shell meta-characters in crafted log file names. As a result, an attacker might be able to execute shell commands on the system running logwatch.

oval:org.secpod.oval:def:600189
It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code.

oval:org.mitre.oval:def:6675
Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: An SQL injection vulnerability was found in the authentication module. Multiple directory traversal vu ...

oval:org.mitre.oval:def:6671
Several vulnerabilities have been discovered in Moodle, an online course management system. The Common Vulnerabilities and Exposures project identifies the following problems: Multiple cross-site request forgery vulnerabilities have been discovered. It has been discovered that the LAMS module is pr ...

oval:org.secpod.oval:def:600185
The developers of Tor, an anonymizing overlay network for TCP, found three security issues during a security audit. A heap overflow allowed the execution of arbitrary code, a denial of service vulnerability was found in the zlib compression handling and some key memory was incorrectly zeroed out be ...

oval:org.secpod.oval:def:600184
Several vulnerabilities have been discovered in phpCAS, a CAS client library for PHP. The Moodle course management system includes a copy of phpCAS.

oval:org.secpod.oval:def:600066
Two security issues have been discovered in Ghostscript, the GPL PostScript/PDF interpreter. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4897 It was discovered a buffer overflow that allows remote attackers to execute arbitrary code or cause a denial ...

oval:org.secpod.oval:def:600180
D. Fabian and L. Weichselbaum discovered a directory traversal vulnerability in MyDMS, an open-source document management system based on PHP and MySQL.

oval:org.secpod.oval:def:600062
Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4414 An SQL injection vulnerability was found in the authentication module. CVE-2009-4415 Mul ...

oval:org.secpod.oval:def:600061
It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insufficient input sanitising in the TrackBack transmission plugin. For the stable distribution, this problem has been fixed in version 2.2.1-1+lenny1. For the testing distr ...

oval:org.secpod.oval:def:600096
Several vulnerabilities have been discovered in Xulrunner, the component that provides the core functionality of Iceweasel, Debian's variant of Mozilla's browser technology. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3765 Xulrunner allows remote atta ...

oval:org.secpod.oval:def:600092
Stefan Esser discovered that cacti, a front-end to rrdtool for monitoring systems and services, is not properly validating input passed to the rra_id parameter of the graph.php script. Due to checking the input of $_REQUEST but using $_GET input in a query an unauthenticated attacker is able to perf ...

oval:org.secpod.oval:def:600080
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. For the upcoming stable distribution and the unstable distribution, th ...

oval:org.secpod.oval:def:600088
Ronald Volgers discovered that the lppasswd component of the cups suite, the Common UNIX Printing System, is vulnerable to format string attacks due to insecure use of the LOCALEDIR environment variable. An attacker can abuse this behaviour to execute arbitrary code via crafted localization files an ...

oval:org.secpod.oval:def:600084
Several vulnerabilities have been discovered in drupal6, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3091 Several issues have been discovered in the OpenID module that allows malicious access to user accou ...

oval:org.mitre.oval:def:7333
Several vulnerabilities have been found in drupal6, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following problems: Gerhard Killesreiter discovered a flaw in the way user signatures are handled. It is possible for a user to inject ar ...

oval:org.mitre.oval:def:11886
Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder. The following Common Vulnerabilities and Exposures project ids identify them: Multiple pages performed insufficient input sanitising, making them vulnerable to cross-site scripting attacks. Multip ...

oval:org.mitre.oval:def:7137
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory.

oval:org.mitre.oval:def:7366
It was discovered that roundup, an issue tracker with a command-line, web and email interface, allows users to edit resources in unauthorized ways, including granting themselves admin rights. This update introduces stricter access checks, actually enforcing the configured permissions and roles. This ...

oval:org.mitre.oval:def:7111
It was discovered that phpLDAPadmin, a web based interface for administering LDAP servers, doesn't sanitize an internal variable, which allows remote attackers to include and execute arbitrary local files. The oldstable distribution is not affected by this problem.

oval:org.mitre.oval:def:7239
It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insufficient input sanitising in the TrackBack transmission plugin.

oval:org.secpod.oval:def:600716
It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600648
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4067 Rafael Dominguez Vega of MWR InfoSecurity reported an iss ...

oval:org.secpod.oval:def:600722
Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code. This update adds packages

oval:org.secpod.oval:def:600769
Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue.

oval:org.secpod.oval:def:600665
Two vulnerabilities have been discovered in phpldapadmin, a web based interface for administering LDAP servers. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-4074 Input appended to the URL in cmd.php is not properly sanitised before being returned to t ...

oval:org.secpod.oval:def:600623
Two security issues have been discovered that affect vsftpd, a lightweight, efficient FTP server written for security. CVE-2011-2189 It was discovered that Linux kernels less than 2.6.35 are considerably slower in releasing than in the creation of network namespaces. As a result of this and because v ...

oval:org.secpod.oval:def:600589
It was discovered that libvirt, a library for interfacing with different virtualization systems, is prone to an integer overflow. Additionally, the stable version is prone to a denial of service, because its error reporting is not thread-safe. For the stable distribution, these problems have been ...

oval:org.secpod.oval:def:600599
Hossein Lotfi discovered an integer overflow in libsndfile's code to parse Paris Audio files, which could potentially lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600588
It has been discovered that xml-security-c, an implementation of the XML Digital Signature and Encryption specifications, is not properly handling RSA keys of sizes on the order of 8192 or more bits. This allows an attacker to crash applications using this functionality or potentially execute arbitr ...

oval:org.secpod.oval:def:600575
The recent tiff update DSA-2210-1 introduced a regression that could lead to encoding problems of tiff files. This update fixes this problem. For reference, the description of the original DSA, which fixed CVE-2011-0191 CVE-2011-0192 CVE-2011-1167 CVE-2011-0191 A buffer overflow allows to execute a ...

oval:org.secpod.oval:def:600559
Several security related problems have been discovered in the OpenOffice.org package that allows malformed documents to trick the system into crashes or even the execution of arbitrary code. CVE-2010-3450 During an internal security audit within Red Hat, a directory traversal vulnerability has been ...

oval:org.secpod.oval:def:600190
It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker would have access to the password database, he could decode the passwords stored in it.

oval:org.secpod.oval:def:600178
MWR InfoSecurity identified a buffer overflow in pcscd, middleware to access a smart card via PC/SC, which could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600545
A design flaw in exim4 allowed the local Debian-exim user to obtain root privileges by specifying an alternate configuration file using the -C option or by using the macro override facility. Unfortunately, fixing this vulnerability is not possible without some changes in exim4's behaviour. If you ...

oval:org.secpod.oval:def:600175
The updated packages from DSA-2154-1 introduced a regression which prevented unprivileged users from using "exim4 -bf" to test filter configurations. This update fixes this problem. Please also read the information provided in DSA-2154-1 if you have not done so already.

oval:org.secpod.oval:def:600200
Two buffer overflows were found in the Freetype font library, which could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600067
A vulnerability has been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The sid_parse function does not correctly check its input lengths when reading a binary representation of a Windows SID. This allows a malicious client to send a sid that can overflow the stack variable ...

oval:org.secpod.oval:def:600158
It was discovered that mediawiki, a website engine for collaborative work, is vulnerable to a Cross-Site Request Forgery login attack, which could be used to conduct phishing or similar attacks to users via affected mediawiki installations. Note that the fix used breaks the login API and may require ...

oval:org.mitre.oval:def:6983
Several vulnerabilities have been found in cacti, a frontend to rrdtool for monitoring systems and services. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that cacti is prone to a denial of service via the graph_height, graph_width, graph_start ...

oval:org.secpod.oval:def:600292
Several vulnerabilities have been found in cacti, a frontend to rrdtool for monitoring systems and services. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3112, CVE-2007-3113 It was discovered that cacti is prone to a denial of service via the graph_hei ...

oval:org.mitre.oval:def:7684
It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a "\0" character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled.

oval:org.mitre.oval:def:7674
Chris Ries discovered that nginx, a high-performance HTTP server, reverse proxy and IMAP/POP3 proxy server, is vulnerable to a buffer underflow when processing certain HTTP requests. An attacker can use this to execute arbitrary code with the rights of the worker process (www-data on Debian) or poss ...

oval:org.mitre.oval:def:7658
Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges. The old stable distribution (etch) is not affected by this issue.

oval:org.mitre.oval:def:7898
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Security researcher Guido Landi discovered that a XSL stylesheet could ...

oval:org.secpod.oval:def:600195
Colin Watson discovered that the update for stable released in DSA-2122-1 did not completely address the underlying security issue in all possible scenarios.

oval:org.secpod.oval:def:600633
Ansgar Burchardt, Mike O'Connor and Philipp Kern discovered multiple vulnerabilities in DTC, a web control panel for admin and accounting hosting services: CVE-2011-3195 A possible shell insertion has been found in the mailing list handling. CVE-2011-3196 Unix rights for the apache2.conf were set in ...

oval:org.secpod.oval:def:600726
Several vulnerabilities have been found in the Apache HTTPD Server: CVE-2011-3607: An integer overflow in ap_pregsub could allow local attackers to execute arbitrary code at elevated privileges via crafted .htaccess files. CVE-2011-3368 CVE-2011-3639 CVE-2011-4317: The Apache HTTP Server did not pro ...

oval:org.secpod.oval:def:600632
Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several vulnerabilities in Quagga, an Internet routing daemon: CVE-2011-3323 A stack-based buffer overflow while decoding Link State Update packets with a malformed Inter Area Prefix LSA can cause the ospf6d process to crash or execute arb ...

oval:org.secpod.oval:def:600619
Ben Hawkes discovered that squid3, a full featured Web Proxy cache, is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions ...

oval:org.secpod.oval:def:600610
The apache2 Upgrade from DSA-2298-1 has caused a regression that prevented some video players from seeking in video files served by Apache HTTPD. This update fixes this bug. The text of the original advisory is reproduced for reference: Two issues have been found in the Apache HTTPD web server: CVE- ...

oval:org.secpod.oval:def:600613
Two issues have been found in the Apache HTTPD web server: CVE-2011-3192 A vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This vulnerability allows an attacker to cause Apache HTTPD to use an excessive amount of memory, causing a denia ...

oval:org.secpod.oval:def:600598
The PNG library libpng has been affected by several vulnerabilities. The most critical one is identified as CVE-2011-2690. Using this vulnerability, an attacker is able to overwrite memory with an arbitrary amount of data controlled by her via a crafted PNG image. The other vulnerabilities are l ...

oval:org.secpod.oval:def:600524
Several vulnerabilities were discovered in Postfix, a mail transfer agent. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct sy ...

oval:org.secpod.oval:def:600214
Stephane Chazelas discovered that the cronjob of the PHP 5 package in Debian suffers from a race condition which might be used to remove arbitrary files from a system. When upgrading your php5-common package take special care to _accept_ the changes to the /etc/cron.d/php5 file. Ignoring them would ...

oval:org.secpod.oval:def:600182
Ansgar Burchardt discovered several vulnerabilities in DTC, a web control panel for admin and accounting hosting services. CVE-2011-0434 The bw_per_moth.php graph contains an SQL injection vulnerability. CVE-2011-0435 Insufficient checks in bw_per_month.php can lead to bandwidth usage information di ...

oval:org.secpod.oval:def:600227
Ricardo Narvaja discovered that missing input sanitising in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file. This update also provides updated packages for oldstable for vulnerabilities, which have already ...

oval:org.secpod.oval:def:600167
It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution.

oval:org.secpod.oval:def:600193
Several vulnerabilities have been discovered in FFmpeg coders, which are used by MPlayer and other applications. CVE-2010-3429 Cesar Bernardini and Felipe Andres Manzano reported an arbitrary offset dereference vulnerability in the libavcodec, in particular in the flic file format parser. A speci ...

oval:org.secpod.oval:def:600206
A vulnerability has been found in Apache mod_fcgid. The Common Vulnerabilities and Exposures project identifies the following problem: CVE-2010-3872 A stack overflow could allow an untrusted FCGI application to cause a server crash or possibly to execute arbitrary code as the user running the web se ...

oval:org.secpod.oval:def:600705
Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.

oval:org.secpod.oval:def:600724
It was discovered that the last security update for cacti, DSA-2384-1, introduced a regression in lenny.

oval:org.secpod.oval:def:600122
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3055 The configuration setup script does not properly sanitise its output file, which allows remote ...

oval:org.secpod.oval:def:600081
The update in DSA 2097 for phpMyAdmin did not correctly apply the intended changes, thereby not completely addressing the vulnerabilities. Updated packages now fix the issues described in the original advisory text below. Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to a ...

oval:org.secpod.oval:def:600224
Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal

oval:org.secpod.oval:def:600077
Tomas Hoger discovered that the upstream fix for CVE-2009-3995 was insufficient. This update provides a corrected package. For the stable distribution, this problem has been fixed in version 3.1.11-6.0.1+lenny1. For the unstable distribution, these problems have been fixed in version 3.1.11-6.3. W ...

oval:org.secpod.oval:def:600154
Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3297 Ronald Volgers discovered that a race condition in mount.cifs allows local users to mount remo ...

oval:org.mitre.oval:def:6868
It was discovered that ganeti, a virtual server cluster manager, does not validate the path of scripts passed as arguments to certain commands, which allows local or remote users to execute arbitrary commands on a host acting as a cluster master. The oldstable distribution does not include ganeti.

oval:org.secpod.oval:def:600286
It was discovered that ganeti, a virtual server cluster manager, does not validate the path of scripts passed as arguments to certain commands, which allows local or remote users to execute arbitrary commands on a host acting as a cluster master. For the stable distribution, this problem has been ...

oval:org.secpod.oval:def:600454
It was discovered that the ocsinventory-agent which is part of the ocsinventory suite, a hardware and software configuration indexing service, is prone to an insecure perl module search path. As the agent is started via cron and the current directory is included in the default perl module path the ...

oval:org.secpod.oval:def:600284
Michal Hlavinka discovered that the fix for code execution in the map_yp_alias function, known as CVE-2009-1579 and released in DSA 1802-1, was incomplete. This update corrects the fix for that function. For the old stable distribution, this problem has been fixed in version 1.4.9a-5. For the stabl ...

oval:org.secpod.oval:def:600492
Several vulnerabilities have been discovered in libmodplug, the shared libraries for mod music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1438 It was discovered that libmodplug is prone to an integer overflow when processing a MED f ...

oval:org.secpod.oval:def:600057
It was discovered that the JasPer JPEG-2000 runtime library allowed an attacker to create a crafted input file that could lead to denial of service and heap corruption. Besides addressing this vulnerability, this update also addresses a regression introduced in the security fix for CVE-2008-3521, a ...

oval:org.mitre.oval:def:8174
It was discovered that the ocsinventory-agent which is part of the ocsinventory suite, a hardware and software configuration indexing service, is prone to an insecure perl module search path. As the agent is started via cron and the current directory (/ in this case) is included in the default perl ...

oval:org.mitre.oval:def:8413
Several remote vulnerabilities have been discovered in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following problems: Cross site scripting was possible through a number of pages which allowed an attacker to steal sensitive session data. Code ...

oval:org.mitre.oval:def:7473
Mike Wiacek discovered that a buffer overflow in the ARC2 implementation of Python Crypto, a collection of cryptographic algorithms and protocols for Python allows denial of service and potentially the execution of arbitrary code.

oval:org.secpod.oval:def:600710
Many security problems had been fixed in libxml2, a popular library to handle XML data files. CVE-2011-3919: Jüri Aedla discovered a heap-based buffer overflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011 ...

oval:org.secpod.oval:def:600690
It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, used too wide permissions on its PID file, which allows local users to kill arbitrary processes by writing to this file. The original announcement didn't contain corrections for the Debian 5.0 "lenny" ...

oval:org.secpod.oval:def:600685
Huzaifa Sidhpurwala discovered a buffer overflow in Wireshark's ERF dissector, which could lead to the execution of arbitrary code.

oval:org.secpod.oval:def:600584
Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code.

oval:org.secpod.oval:def:600102
SquirrelMail, a webmail application, does not employ a user-specific token for webforms. This allows a remote attacker to perform a Cross Site Request Forgery attack. The attacker may hijack the authentication of unspecified victims and send messages or change user preferences among other actions, ...

oval:org.secpod.oval:def:600194
Sebastian Krahmer discovered a buffer overflow in the SNMP discovery code of the HP Linux Printing and Imaging System, which could result in the execution of arbitrary code.

oval:org.mitre.oval:def:7945
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, D ...

oval:org.mitre.oval:def:7524
Several security issues have been discovered in kde4libs, core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that there is a use-after-free flaw in handling certain DOM event handlers. This could lead to th ...

oval:org.secpod.oval:def:600127
The Debian stable point release 5.0.6 included updated packages of the Git revision control system in order to fix a security issue. Unfortunately, the update introduced a regression which could make it impossible to clone or create git repositories. This upgrade fixes this regression, which is trac ...

oval:org.secpod.oval:def:600125
Several vulnerabilities have been discovered in the Avahi mDNS/DNS-SD daemon. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0758 Rob Leslie discovered a denial of service vulnerability in the code used to reflect unicast mDNS traffic. CVE-2010-2244 Ludw ...

oval:org.secpod.oval:def:600174
It was discovered that avahi, an implementation of the zeroconf protocol, can be crashed remotely by a single UDP packet, which may result in a denial of service.

oval:org.secpod.oval:def:600183
Rémi Denis-Courmont discovered that dbus, a message bus application, is not properly limiting the nesting level when examining messages with extensive nested variants. This allows an attacker to crash the dbus system daemon due to a call stack overflow via crafted messages.

oval:org.secpod.oval:def:600573
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-2524 David Howells reported an issue in the Common Internet Fi ...

oval:org.secpod.oval:def:600366
Aaron Siegel discovered that the web interface of cups, the Common UNIX Printing System, is prone to cross-site scripting attacks. For the stable distribution, this problem has been fixed in version 1.3.8-1+lenny7. For the oldstable distribution, this problem has been fixed in version 1.2.7-4+etch ...

oval:org.mitre.oval:def:6990
Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format files. The Common Vulnerabilities and Exposures project identifies the following problems: Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to ...

oval:org.secpod.oval:def:600169
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that ...

oval:org.secpod.oval:def:600280
It was discovered that the SIEVE component of cyrus-imapd, a highly scalable enterprise mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. Due to incorrect use of the sizeof operator an attacker is able to pass a negative length to snprintf calls resulting in large positi ...

oval:org.secpod.oval:def:600087
Multiple vulnerabilities have been discovered in lintian, a Debian package checker. The following Common Vulnerabilities and Exposures project ids have been assigned to identify them: CVE-2009-4013: missing control files sanitation Control field names and values were not sanitised before using them ...

oval:org.mitre.oval:def:7013
Multiple vulnerabilities have been discovered in lintian, a Debian package checker. The following Common Vulnerabilities and Exposures project ids have been assigned to identify them: Control field names and values were not sanitised before using them in certain operations that could lead to directo ...

oval:org.mitre.oval:def:8221
It was discovered that incorrect pointer handling in the purple library, an internal component of the multi-protocol instant messaging client Pidgin, could lead to denial of service or the execution of arbitrary code through malformed contact requests.

oval:org.secpod.oval:def:600038
This update restores the PID file location for bind to the location before the last security update. For reference, here is the original advisory text that explains the security problems fixed: Several cache-poisoning vulnerabilities have been discovered in BIND. These vulnerabilities apply only ...

oval:org.secpod.oval:def:600045
It was discovered that a significant memory leak could occur in openssl, related to the reinitialization of zlib. This could result in a remotely exploitable denial of service vulnerability when using the Apache httpd server in a configuration where mod_ssl, mod_php5, and the php5-curl extension are ...

oval:org.secpod.oval:def:600098
Dan Rosenberg discovered that Transmission, a lightweight client for the Bittorrent filesharing protocol, performs insufficient sanitising of file names specified in .torrent files. This could lead to the overwrite of local files with the privileges of the user running Transmission if the user is tric ...

oval:org.secpod.oval:def:600296
Several vulnerabilities have been found in the MIT reference implementation of Kerberos V5, a system for authenticating users and services on a network. The Common Vulnerabilities and Exposures project identified the following problems: The Apple Product Security team discovered that the SPNEGO GSS- ...

oval:org.secpod.oval:def:600251
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0040 The execution of arbitrary code might be possible via a crafted PNG f ...

oval:org.secpod.oval:def:600512
Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file. For the oldstable distribution, this problem has ...

oval:org.secpod.oval:def:600574
Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. CVE-2010-2531 An information leak was found in the var_export function. CVE-2011-0421 The Zip module could crash. CVE-2011-0708 An integer overflow was discovered in ...

oval:org.secpod.oval:def:600581
The update for CVE-2010-2531 for the old stable distribution introduced a regression, which led to additional output being written to stdout.

oval:org.secpod.oval:def:600132
Two remote vulnerabilities have been discovered in OpenLDAP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0211 The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which a ...

oval:org.secpod.oval:def:600157
Several vulnerabilities have been discovered in the FreeType font library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1797 Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in ...

oval:org.secpod.oval:def:600179
Several vulnerabilities have been discovered in the Common UNIX Printing System: CVE-2008-5183 A null pointer dereference in RSS job completion notifications could lead to denial of service. CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service. CVE- ...

oval:org.secpod.oval:def:600074
Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2042 libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, ...

oval:org.mitre.oval:def:8045
Peter Valchev discovered an error in expat, an XML parsing C library, when parsing certain UTF-8 sequences, which can be exploited to crash an application using the library.

oval:org.secpod.oval:def:600496
Peter Valchev discovered an error in expat, an XML parsing C library, when parsing certain UTF-8 sequences, which can be exploited to crash an application using the library. For the old stable distribution, this problem has been fixed in version 1.95.8-3.4+etch1. For the stable distribution, this ...

oval:org.secpod.oval:def:600475
Certificates with MD2 hash signatures are no longer accepted by OpenSSL, since they're no longer considered cryptographically secure. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny5. For the old stable distribution, this problem has been fixed in version 0.9.8c ...

oval:org.secpod.oval:def:600549
The openssl update in DSA-2141-1 caused a regression in lighttpd. Due to a bug in lighttpd, the server fails to start in some configurations if using the updated openssl libraries. This update fixes this problem.

oval:org.secpod.oval:def:600205
CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds ba ...

oval:org.secpod.oval:def:600564
DSA-2141-1 changed the behaviour of the openssl libraries in a server environment to only allow SSL/TLS renegotiation for clients that support the RFC5746 renegotiation extension. This update to apache2 adds the new SSLInsecureRenegotiation configuration option that allows to restore support for ins ...

oval:org.secpod.oval:def:600207
CVE-2009-3555: Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds ba ...

oval:org.secpod.oval:def:600197
It was discovered that the floating point parser in OpenJDK, an implementation of the Java platform, can enter an infinite loop when processing certain input strings. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial ...

oval:org.mitre.oval:def:6950
Several vulnerabilities have been discovered in asterisk, an Open Source PBX and telephony toolkit. The Common Vulnerabilities and Exposures project identifies the following problems: It is possible to determine valid login names via probing, due to the IAX2 response from asterisk. It is possible t ...

oval:org.secpod.oval:def:600276
Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets. An unexpected NTP mode 7 packet with spoofed IP data can lead ntpd to reply with a mode 7 response to the s ...

oval:org.secpod.oval:def:600527
A flaw was found in the APR library, which could be exploited through Apache HTTPD's mod_autoindex. If a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used ...

oval:org.secpod.oval:def:600529
The recent APR update DSA-2237-1 introduced a regression that could lead to an endless loop in the apr_fnmatch function, causing a denial of service. This update fixes this problem. For reference, the description of the original DSA, which fixed CVE-2011-0419: A flaw was found in the APR library, w ...

oval:org.secpod.oval:def:600717
Several vulnerabilities have been discovered in Curl, a URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-3389 This update enables OpenSSL workarounds against the "BEAST" attack

oval:org.secpod.oval:def:600676
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform. This combines the two previous openjdk-6 advisories, DSA-2311-1 and DSA-2356-1. CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code to elevate its privileges. CVE-2011 ...

oval:org.secpod.oval:def:600651
Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-2372 Mariusz Mlynski discovered that websites could open a download dialog - which has "open" as the default action -, while a user presses the ENTER key. CVE-2011-2995 Benjamin Smedberg, Bob Cla ...

oval:org.secpod.oval:def:600647
This update to the NSS cryptographic libraries revokes the trust in the "DigiCert Sdn. Bhd" certificate authority

oval:org.secpod.oval:def:600691
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2011-3647 "moz_bug_r_a4" discovered a privilege escalation vulnerability in addon han ...

oval:org.secpod.oval:def:600718
Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowf ...

oval:org.secpod.oval:def:600719
A regression was found in the fix for PHP's XSLT transformations. Updated packages are now available to address this regression. For reference, the original advisory text follows. Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposur ...

CVE    28
CVE-2008-0226
CVE-2008-5510
CVE-2008-5513
CVE-2009-1888
...
*CPE
cpe:/o:debian:debian_linux:5.0
