Articles / Debian

All articles tagged with Debian

March 14, 2012 20:04 Debian: Security update for libmodplug

0

Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for mod music based on ModPlug. epiphant discovered that the abc file parser is vulnerable to several stack-based buffer overflows that potentially lead to the execution of arbitrary code. Hossein Lotfi discovered that the CSoundFile::ReadWav function is vulnerable to an integer overflow which leads to a heap-based buffer overflow. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted WAV files.

Hossein Lotfi discovered that the CSoundFile::ReadS3M function is vulnerable to a stack-based buffer overflow. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted S3M files. Hossein Lotfi discovered that the CSoundFile::ReadAMS function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted AMS files. It was discovered that the CSoundFile::ReadDSM function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted DSM files.

It was discovered that the CSoundFile::ReadAMS2 function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted AMS files.

Updated packages are available from security.debian.org.

March 14, 2012 20:02 Debian: Security update for fex

0

Nicola Fioravanti discovered that F*X, a web service for transferring very large files, is not properly sanitizing input parameters of the “fup” script. An attacker can use this flaw to conduct reflected cross-site scripting attacks via various script parameters. Updated packages are available from security.debian.org.

March 04, 2012 18:32 Debian: Security update for libarchive

0

Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading is9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality. Updated packages are available from security.debian.org.

March 02, 2012 07:47 Debian: Security update for libvorbis

0

It was discovered that a heap overflow in the Vorbis audio compression library could lead to the execution of arbitrary code if a malformed Ogg Vorbis file is processed. Updated packages are available from security.debian.org.

March 02, 2012 07:46 Debian: Security update for mumble

0

It was discovered that mumble, a VoIP client, does not probably manage permission on its user-specific configuration files, allowing other local users on the system to access them. Updated packages are available from security.debian.org.

February 21, 2012 07:52 Debian: Security update for PHP

0

Several vulnerabilities have been discovered in PHP, the web scripting language. It was discoverd that insecure handling of temporary files in the PEAR installer could lead to denial of service. Maksymilian Arciemowicz discovered that a NULL pointer dereference in the zend_strndup() function could lead to denial of service. Maksymilian Arciemowicz discovered that a NULL pointer dereference in the tidy_diagnose() function could lead to denial of service.

It was discovered that missing checks in the handling of PDORow objects could lead to denial of service. It was discovered that the magic_quotes_gpc setting could be disabled remotely

Updated packages are available from security.debian.org.

February 15, 2012 08:30 Debian: Security update for CVS

0

It was discovered that a malicious CVS server could cause a heap overflow in the CVS client, potentially allowing the server to execute arbitrary code on the client. Updated packages are available from security.debian.org.

February 15, 2012 08:29 Debian: Security update for Icedove

0

Several vulnerabilities have been discovered in Icedove, Debian’s variant of the Mozilla Thunderbird code base. Icedove does not not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. Memory corruption bugs could cause Icedove to crash or possibly execute arbitrary code. Icedove does not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.

Icedove allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document

Updated packages are available from security.debian.org.

February 10, 2012 07:03 Debian: Security update for apache2

0

Several vulnerabilities have been found in the Apache HTTPD Server. An integer overflow in ap_pregsub() could allow local attackers to execute arbitrary code at elevated privileges via crafted .htaccess files. The Apache HTTP Server did not properly validate the request URI for proxied requests. In certain reverse proxy configurations using the ProxyPassMatch directive or using the RewriteRule directive with the P flag, a remote attacker could make the proxy connect to an arbitrary server. The could allow the attacker to access internal servers that are not otherwise accessible from the outside.

An apache2 child process could cause the parent process to crash during shutdown. This is a violation of the privilege separation between the apache2 processes and could potentially be used to worsen the impact of other vulnerabilities. The response message for error code 400 (bad request) could be used to expose “httpOnly” cookies. This could allow a remote attacker using cross site scripting to steal authentication cookies.

Updated packages are available from security.debian.org.

February 10, 2012 07:01 Debian: Security update for QEMU

0

Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of QEMU, which is used in the xen-qemu-dm-4.0 packages. This vulnerability might enable to malicious guest systems to crash the host system or escalate their privileges. Updated packages are available from security.debian.org.

February 08, 2012 06:47 Debian: Security update for PHP

0

Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code. Updated packages are available from security.debian.org.

February 08, 2012 06:46 Debian: Security update for Iceape

0

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, resulting in potential information disclosure. Jesse Ruderman and Bob Clary discovered memory corruption bugs, which may lead to the execution of arbitrary code. “regenrecht” discovered that missing input sanisiting in the Ogg Vorbis parser may lead to the execution of arbitrary code.

Nicolas Gregoire and Aki Helin discovered that missing input sanisiting in XSLT processing may lead to the execution of arbitrary code.

Updated packages are available from security.debian.org.

February 08, 2012 06:45 Debian: Security update for Iceweasel

0

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, resulting in potential information disclosure. Jesse Ruderman and Bob Clary discovered memory corruption bugs, which may lead to the execution of arbitrary code. “regenrecht” discovered that missing input sanisiting in the Ogg Vorbis parser may lead to the execution of arbitrary code.

Nicolas Gregoire and Aki Helin discovered that missing input sanisiting in XSLT processing may lead to the execution of arbitrary code.

Updated packages are available from security.debian.org.

February 08, 2012 06:44 Debian: Security update for Tomcat 6

0

Several vulnerabilities have been found in Tomcat, a servlet and JSP engine. The HTTP Digest Access Authentication implementation performed insufficient countermeasures against replay attacks. In rare setups passwords were written into a logfile. Missing input sanisiting in the HTTP APR or HTTP NIO connectors could lead to denial of service.

AJP requests could be spoofed in some setups. Incorrect request caching could lead to information disclosure. This update also adds countermeasures against a collision denial of service vulnerability in the Java hashtable implementation and addresses denial of service potentials when processing large amounts of requests.

Updated packages are available from security.debian.org.

February 03, 2012 09:04 Debian: Security update for php

0

Several vulnerabilities have been discovered in PHP, the web scripting language. The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file.

It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem.

Updated packages are available from security.debian.org.

February 03, 2012 09:03 Debian: Security update for curl

0

Several vulnerabilities have been discovered in Curl, an URL transfer library. This update enables OpenSSL workarounds against the “BEAST” attack. Dan Fandrich discovered that Curl performs insufficient sanitising when extracting the file path part of an URL. Updated packages are available from security.debian.org.

February 01, 2012 07:28 Debian: Security update for icu

0

It was discovered that a buffer overflow in the Unicode libraray ICU could lead to the execution of arbitrary code. Updated packages are available from security.debian.org.

February 01, 2012 07:27 Debian: Security update for qemu-kvm

0

Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on x86 hardware, which could result in denial of service or privilege escalation. Updated packages are available from security.debian.org.

February 01, 2012 07:26 Debian: Security update for wireshark

0

Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code. Updated packages are available from security.debian.org.

February 01, 2012 07:25 Debian: Security update for libxml2

0

Many security problems had been fixed in libxml2, a popular library to handle XML data files. Jüri Aedla discovered a heap-based buffer overflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. An Off-by-one error have been discoveried that allows remote attackers to execute arbitrary code or cause a denial of service. A memory corruption (double free) bug has been identified in libxml2’s XPath engine. Through it, it is possible to an attacker allows cause a denial of service or possibly have unspecified other impact. Yang Dingning discovered a double free vulnerability related to XPath handling. An out-of-bounds read vulnerability had been discovered, which allows remote attackers to cause a denial of service.

Updated packages are available from security.debian.org.

January 30, 2012 06:58 Debian: Security update for bip

0

Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users. Updated packages are available from security.debian.org.

January 24, 2012 09:25 Debian: Security update for OpenSSL

0

Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Updated packages are available from security.debian.org.

January 22, 2012 20:24 Debian: Security update for phpmyadmin

1

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The XML import plugin allowed a remote attacker to read arbitrary files via XML data containing external entity references. Cross site scripting was possible in the table tracking feature, allowing a remote attacker to inject arbitrary web script or HTML. Updated packages are available from security.debian.org.

January 17, 2012 07:08 Debian: Security update for Linux kernel

0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. Andrea Righi reported an issue in KSM, a memory-saving de-duplication feature. By exploiting a race with exiting tasks, local users can cause a kernel oops, resulting in a denial of service. Dan Rosenberg discovered an issue in the INET socket monitoring interface. Local users could cause a denial of service by injecting code and causing the kernel to execute an infinite loop. Eric Dumazet reported an information leak in the raw packet socket implementation.

Han-Wen Nienhuys reported a local denial of service issue issue in the FUSE (Filesystem in Userspace) support in the linux kernel. Local users could cause a buffer overflow, leading to a kernel oops and resulting in a denial of service. Carlos Maiolino reported an issue in the XFS filesystem. A local user with the ability to mount a filesystem could corrupt memory resulting in a denial of service or possibly gain elevated privileges. David Howells reported an issue in the kernel’s access key retention system which allow local users to cause a kernel oops leading to a denial of service.

Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough support for SCSI devices. Users with permission to access restricted portions of a device (e.g. a partition or a logical volume) can obtain access to the entire device by way of the SG_IO ioctl. This could be exploited by a local user or privileged VM guest to achieve a privilege escalation. Maynard Johnson reported an issue with the perf support on POWER7 systems that allows local users to cause a denial of service. Jan Kiszka reported an issue in the KVM PIT timer support. Local users with the permission to use KVM can cause a denial of service by starting a PIT timer without first setting up the irqchip.

Ben Hutchings reported various bounds checking issues within the ROSE protocol support in the kernel. Remote users could possibly use this to gain access to sensitive memory or cause a denial of service.

Updated packages are available from security.debian.org.

January 15, 2012 16:55 Debian: Security update for t1lib

0

Several vulnerabilities were discovered in t1lib, a Postscript Type 1 font rasterizer library, some of which might lead to code execution through the opening of files embedding bad fonts. A heap-based buffer overflow in the AFM font metrics parser potentially leads to the execution of arbitrary code. Another heap-based buffer overflow in the AFM font metrics parser potentially leads to the execution of arbitrary code. An invalid pointer dereference allows execution of arbitrary code using crafted Type 1 fonts. Another invalid pointer dereference results in an application crash, triggered by crafted Type 1 fonts. A use-after-free vulnerability results in an application crash, triggered by crafted Type 1 fonts. An off-by-one error results in an invalid memory read and application crash, triggered by crafted Type 1 fonts. Updated packages are available from security.debian.org.

January 15, 2012 16:54 Debian: Security update for openttd

0

Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service. Updated packages are available from security.debian.org.

January 15, 2012 16:52 Debian: Security update for simpleSAMLphp

0

timtai1 discovered that simpleSAMLphp, an authentication and federation platform, is vulnerable to a cross site scripting attack, allowing a remote attacker to access sensitive client data. Updated packages are available from security.debian.org.

January 11, 2012 07:48 Debian: Security update for PowerDNS

0

Ray Morris discovered that the PowerDNS authoritative server responds to response packets. An attacker who can spoof the source address of IP packets can cause an endless packet loop between a PowerDNS authoritative server and another DNS server, leading to a denial of service. Updated packages are available from security.debian.org.

January 11, 2012 07:14 Debian: Security update for cacti

0

Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands. Updated packages are available from security.debian.org.

January 09, 2012 07:01 Debian: Security update for Super

0

Robert Luberda discovered a buffer overflow in the syslog logging code of Super, a tool to execute scripts (or other commands) as if they were root. Updated packages are available from security.debian.org.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.