-
LinuxSecurity Advisories
Oct 22, 2021 | 14:24 pm
Several vulnerabilities were discovered in mailman, a web-based mailing list manager, which could result in arbitrary content injection via the options and private archive login pages, and CSRF attacks or privilege escalation via the user options page.
Read more...
-
LinuxSecurity Advisories
Oct 19, 2021 | 14:51 pm
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
Read more...
-
LinuxSecurity Advisories
Oct 18, 2021 | 17:17 pm
Researchers at the United States of America National Security Agency (NSA) identified two denial of services vulnerability in strongSwan, an IKE/IPsec suite.
Read more...
-
LinuxSecurity Advisories
Oct 16, 2021 | 15:23 pm
Two security issues have been discovered in LibreOffice's support for digital signatures in ODF documents, which could result in incorrect signature indicators/timestamps being presented.
Read more...
-
LinuxSecurity Advisories
Oct 15, 2021 | 08:58 am
Richard Weinberger reported that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not check for duplicate filenames within a directory. An attacker can take advantage of this flaw for writing to arbitrary files to the filesystem[…]
Read more...
-
LinuxSecurity Advisories
Oct 14, 2021 | 16:33 pm
Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in denial of service. For the oldstable distribution (buster), these problems have been fixed
Read more...
-
LinuxSecurity Advisories
Oct 14, 2021 | 10:46 am
Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform Cross-Site Scripting (XSS) attacks or impersonate other users.
Read more...
-
LinuxSecurity Advisories
Oct 12, 2021 | 17:27 pm
It was discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could be bypassed for a Flatpak app with direct access to AF_UNIX sockets, by manipulating the VFS using mount-related syscalls that are not blocked by[…]
Read more...
-
LinuxSecurity Advisories
Oct 10, 2021 | 14:06 pm
Pavel Toporkov discovered a vulnerability in Neutron, the OpenStack virtual network service, which allowed a reconfiguration of dnsmasq via crafted dhcp_extra_opts parameters.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jul 21, 2021 | 16:10 pm
Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Sep 22, 2020 | 18:23 pm
Ubuntu Security Notice 4530-1 - Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 25, 2020 | 15:20 pm
Debian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 19, 2020 | 15:38 pm
Debian Linux Security Advisory 4629-1 - Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module. A remote attacker could leverage this to perform SQL injection attacks.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 19, 2020 | 15:28 pm
Debian Linux Security Advisory 4628-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 18, 2020 | 15:05 pm
Debian Linux Security Advisory 4626-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 18, 2020 | 15:04 pm
Debian Linux Security Advisory 4627-1 - Cross site scripting, denial of service, and various other vulnerabilities have been discovered in the webkit2gtk web engine.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 17, 2020 | 18:02 pm
Debian Linux Security Advisory 4625-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 17, 2020 | 17:31 pm
Debian Linux Security Advisory 4624-1 - Several vulnerabilities were discovered in evince, a simple multi-page document viewer.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 17, 2020 | 16:41 pm
Debian Linux Security Advisory 4620-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 14, 2020 | 15:25 pm
Debian Linux Security Advisory 4623-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 14, 2020 | 15:01 pm
Debian Linux Security Advisory 4622-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 10, 2020 | 21:02 pm
Debian Linux Security Advisory 4619-1 - Guillaume Teissier reported that the XMLRPC client in libxmlrpc3-java, an XML-RPC implementation in Java, does perform deserialization of the server-side exception serialized in the faultCause attribute of XMLRPC error response messages. A malicious XMLRPC[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 4, 2020 | 14:46 pm
Debian Linux Security Advisory 4617-1 - Two security issues were found in the Qt library, which could result in plugins and libraries being loaded from the current working directory, resulting in potential code execution.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 3, 2020 | 16:53 pm
Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 3, 2020 | 16:40 pm
Debian Linux Security Advisory 4615-1 - Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 3, 2020 | 16:17 pm
Debian Linux Security Advisory 4614-1 - Joe Vennix discovered a stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the "pwfeedback" option enabled. An unprivileged user can[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 3, 2020 | 16:15 pm
Debian Linux Security Advisory 4613-1 - A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i() function in libidn2, the GNU library for Internationalized Domain Names (IDNs), which could result in denial of service, or the execution of arbitrary code[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Feb 3, 2020 | 16:10 pm
Debian Linux Security Advisory 4612-1 - It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jan 30, 2020 | 14:46 pm
Debian Linux Security Advisory 4611-1 - Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses which could result in the execution of arbitrary commands as root. In addition this update fixes a denial of service by[…]
Read more...
-
Operating System: Debian ≈ Packet Storm
Jan 24, 2020 | 17:00 pm
Debian Linux Security Advisory 4609-1 - Two security issues were found in the Python interface to the apt package manager; package downloads from unsigned repositories were incorrectly rejected and the hash validation relied on MD5.
Read more...
-
Operating System: Debian ≈ Packet Storm
Jan 22, 2020 | 16:08 pm
Debian Linux Security Advisory 4608-1 - Multiple integer overflows have been discovered in the libtiff library and the included tools.
Read more...
Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!