
It was discovered that the XML::Atom Perl module did not disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

The ProFTPD security update, DSA-2346-1, introduced a regression, preventing successful TLS connections. This regression does not affect the stable distribution, nor the testing and unstable distributions.

Issues were found in the handling of XML encryption in simpleSAMLphp, an application for federated authentication. The following two issues have been addressed: It may be possible to use an SP as an oracle to decrypt encrypted messages sent to that SP. It may be possible to use the SP as a key oracle which can be used to forge messages from that SP by issuing 300000-2000000 queries to the SP. The ...

It was discovered that pam-pgsql, a PAM module to authenticate using a PostgreSQL database, was vulnerable to a buffer overflow in supplied IP-addresses.

It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potentially sensitive data from other users. The oldstable distribution does not contain mahara. For the stable distribution, this problem has been fixed in version 1.0.4-4+lenny3. For the test ...

It was discovered that squid3, a high-performance proxy caching server for web clients, is prone to several denial of service attacks. Due to incorrect bounds checking and insufficient validation while processing response and request data, an attacker is able to crash the squid daemon via crafted requests or responses. The squid package in the oldstable distribution is not affected by this problem ...

Peter Palfrader discovered that in the Git revision control system, on some architectures, files under /usr/share/git-core/templates/ were owned by a non-root user. This allows a user with that uid on the local system to write to these files and possibly escalate their privileges. This issue only affects the DEC Alpha and MIPS architectures. For the old stable distribution, this problem has been ...

It was discovered that the Debian Mantis package, a web-based bug tracking system, installed the database credentials in a file with world-readable permissions onto the local filesystem. This allows local users to acquire the credentials used to control the Mantis database. This updated package corrects this problem for new installations and will carefully try to update existing ones. Administrato ...

Ilja van Sprundel discovered that a buffer overflow in NSD, an authoritative name service daemon, allowed an attacker to crash the server by sending a crafted packet, causing a denial of service. For the old stable distribution, this problem has been fixed in version 2.3.6-1+etch1 of the nsd package. For the stable distribution, this problem has been fixed in version 2.3.7-1.1+lenny1 of the nsd package and ...

Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site scripting, open redirection, SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution. The testing distribution will be fixed soon. For the unstable distribution, these problems have been fixed in version 4.3.5- ...



© 2013 SecPod Technologies