rootserverprojekt.de

Package : cacti
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2010-1644 CVE-2010-1645 CVE-2010-2543 CVE-2010-2545
CVE-2011-4824

Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.

For the oldstable distribution (lenny), this problem has been fixed in version 0.8.7b-2.1+lenny4.

For the stable distribution (squeeze), this problem has been fixed in version 0.8.7g-1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 0.8.7i-2.

We recommend that you upgrade your cacti packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : pdns
Vulnerability : packet loop
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0206

Ray Morris discovered that the PowerDNS authoritative sever responds to response packets. An attacker who can spoof the source address of IP packets can cause an endless packet loop between a PowerDNS authoritative server and another DNS server, leading to a denial of service.

For the oldstable distribution (lenny), this problem has been fixed in version 2.9.21.2-1+lenny1.

For the stable distribution (squeeze), this problem has been fixed in version 2.9.22-8+squeeze1.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your pdns packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : openttd
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-3341 CVE-2011-3342 CVE-2011-3343

Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service.

For the oldstable distribution (lenny), this problem has been fixed in version 0.6.2-1+lenny4.

For the stable distribution (squeeze), this problem has been fixed in version 1.0.4-4.

For the unstable distribution (sid), this problem has been fixed in version 1.1.4-1.

We recommend that you upgrade your openttd packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : simplesamlphp
Vulnerability : insufficient input sanitation
Problem type : remote
Debian-specific: no

timtai1 discovered that simpleSAMLphp, an authentication and federation platform, is vulnerable to a cross site scripting attack, allowing a remote attacker to access sensitive client data.

The oldstable distribution (lenny) does not contain a simplesamlphp package.

For the stable distribution (squeeze), this problem has been fixed in version 1.6.3-3.

For the unstable distribution (sid), this problem has been fixed in version 1.8.2-1.

We recommend that you upgrade your simplesamlphp packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : t1lib
Vulnerability : several
Problem type : local
Debian-specific: no
CVE ID : CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552
CVE-2011-1553 CVE-2011-1554
Debian Bug : 652996

Several vulnerabilities were discovered in t1lib, a Postscript Type 1 font rasterizer library, some of which might lead to code execution through the opening of files embedding bad fonts.

CVE-2010-2642
A heap-based buffer overflow in the AFM font metrics parser
potentially leads to the execution of arbitrary code.

CVE-2011-0433
Another heap-based buffer overflow in the AFM font metrics
parser potentially leads to the execution of arbitrary code.

CVE-2011-0764
An invalid pointer dereference allows execution of arbitrary
code using crafted Type 1 fonts.

CVE-2011-1552
Another invalid pointer dereference results in an application
crash, triggered by crafted Type 1 fonts.

CVE-2011-1553
A use-after-free vulnerability results in an application
crash, triggered by crafted Type 1 fonts.

CVE-2011-1554
An off-by-one error results in an invalid memory read and
application crash, triggered by crafted Type 1 fonts.

For the oldstable distribution (lenny), this problem has been fixed in version 5.1.2-3+lenny1.

For the stable distribution (squeeze), this problem has been fixed in version 5.1.2-3+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 5.1.2-3.3.

For the unstable distribution (sid), this problem has been fixed in version 5.1.2-3.3.

We recommend that you upgrade your t1lib packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : openssl
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-4108 CVE-2011-4109 CVE-2011-4354
CVE-2011-4576 CVE-2011-4619

Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:

CVE-2011-4108
The DTLS implementation performs a MAC check only if certain
padding is valid, which makes it easier for remote attackers
to recover plaintext via a padding oracle attack.

CVE-2011-4109
A double free vulnerability when X509_V_FLAG_POLICY_CHECK is
enabled, allows remote attackers to cause applications crashes
and potentially allow execution of arbitrary code by
triggering failure of a policy check.

CVE-2011-4354
On 32-bit systems, the operations on NIST elliptic curves
P-256 and P-384 are not correctly implemented, potentially
leaking the private ECC key of a TLS server. (Regular
RSA-based keys are not affected by this vulnerability.)

CVE-2011-4576
The SSL 3.0 implementation does not properly initialize data
structures for block cipher padding, which might allow remote
attackers to obtain sensitive information by decrypting the
padding data sent by an SSL peer.

CVE-2011-4619
The Server Gated Cryptography (SGC) implementation in OpenSSL
does not properly handle handshake restarts, unnecessarily
simplifying CPU exhaustion attacks.

For the oldstable distribution (lenny), these problems have been fixed in version 0.9.8g-15+lenny15.

For the stable distribution (squeeze), these problems have been fixed in version 0.9.8 o-4squeeze5.

For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 1.0.0f-1.

We recommend that you upgrade your openssl packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : linux-2.6
Vulnerability : privilege escalation/denial of service/information leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2011-2183 CVE-2011-2213 CVE-2011-2898 CVE-2011-3353
CVE-2011-4077 CVE-2011-4110 CVE-2011-4127 CVE-2011-4611
CVE-2011-4622 CVE-2011-4914

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2011-2183

Andrea Righi reported an issue in KSM, a memory-saving de-duplication
feature. By exploiting a race with exiting tasks, local users can cause
a kernel oops, resulting in a denial of service.

CVE-2011-2213

Dan Rosenberg discovered an issue in the INET socket monitoring interface.
Local users could cause a denial of service by injecting code and causing
the kernel to execute an infinite loop.

CVE-2011-2898

Eric Dumazet reported an information leak in the raw packet socket
implementation.

CVE-2011-3353

Han-Wen Nienhuys reported a local denial of service issue issue in the FUSE
(Filesystem in Userspace) support in the linux kernel. Local users could
cause a buffer overflow, leading to a kernel oops and resulting in a denial
of service.

CVE-2011-4077

Carlos Maiolino reported an issue in the XFS filesystem. A local user
with the ability to mount a filesystem could corrupt memory resulting
in a denial of service or possibly gain elevated privileges.

CVE-2011-4110

David Howells reported an issue in the kernel's access key retention
system which allow local users to cause a kernel oops leading to a denial
of service.

CVE-2011-4127

Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough
support for SCSI devices. Users with permission to access restricted
portions of a device (e.g. a partition or a logical volume) can obtain
access to the entire device by way of the SG_IO ioctl. This could be
exploited by a local user or privileged VM guest to achieve a privilege
escalation.

CVE-2011-4611

Maynard Johnson reported an issue with the perf support on POWER7 systems
that allows local users to cause a denial of service.

CVE-2011-4622

Jan Kiszka reported an issue in the KVM PIT timer support. Local users
with the permission to use KVM can cause a denial of service by starting
a PIT timer without first setting up the irqchip.

CVE-2011-4914

Ben Hutchings reported various bounds checking issues within the ROSE
protocol support in the kernel. Remote users could possibly use this
to gain access to sensitive memory or cause a denial of service.

For the stable distribution (squeeze), this problem has been fixed in version 2.6.32-39squeeze1. Updates for issues impacting the oldstable distribution
(lenny) will be available soon.

The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

Debian 6.0 (squeeze)
user-mode-linux 2.6.32-1um-4+39squeeze1

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : phpmyadmin
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-1940 CVE-2011-3181 CVE-2011-4107
Debian Bug : 656247

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2011-4107

The XML import plugin allowed a remote attacker to read arbitrary
files via XML data containing external entity references.

CVE-2011-1940, CVE-2011-3181

Cross site scripting was possible in the table tracking feature,
allowing a remote attacker to inject arbitrary web script or HTML.


The oldstable distribution (lenny) is not affected by these problems.

For the stable distribution (squeeze), these problems have been fixed in version 4:3.3.7-7.

For the testing distribution (wheezy) and unstable distribution (sid), these problems have been fixed in version 4:3.4.7.1-1.

We recommend that you upgrade your phpmyadmin packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : rails
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-2930 CVE-2011-2931 CVE-2011-3186 CVE-2009-4214
Debian Bug : 629067

It was discovered that the last security update for Ruby on Rails, DSA-2301-1, introduced a regression in the libactionpack-ruby package.

For the oldstable distribution (lenny), this problem has been fixed in version 2.1.0-7+lenny2.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.5-1.2+squeeze2.

We recommend that you upgrade your rails packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : openssl
Vulnerability : out-of-bounds read
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0050

Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue.

For the oldstable distribution (lenny), this problem has been fixed in version 0.9.8g-15+lenny16.

For the stable distribution (squeeze), this problem has been fixed in version 0.9.-4squeeze7.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 1.0.0g-1.

We recommend that you upgrade your openssl packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : rails
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-2930 CVE-2011-2931 CVE-2011-3186 CVE-2009-4214
Debian Bug : 629067

It was discovered that the last security update for Ruby on Rails, DSA-2301-1, introduced a regression in the libactionpack-ruby package.

For the oldstable distribution (lenny), this problem has been fixed in version 2.1.0-7+lenny2.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.5-1.2+squeeze2.

We recommend that you upgrade your rails packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : bip
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0806
Debian Bug : 657217

Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users.

The oldstable distribution (lenny) is not affected by this problem.

For the stable distribution (squeeze), this problem has been fixed in version 0.8.2-1squeeze4.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your bip packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : libxml2
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0216 CVE-2011-2821 CVE-2011-2834 CVE-2011-3905
CVE-2011-3919
Debian Bug : 652352 643648 656377

Many security problems had been fixed in libxml2, a popular library to handle XML data files.

CVE-2011-3919:
Jüri Aedla discovered a heap-based buffer overflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-0216:
An Off-by-one error have been discoveried that allows remote attackers to execute arbitrary code or cause a denial of service.

CVE-2011-2821:
A memory corruption (double free) bug has been identified in libxml2's XPath engine. Through it, it is possible to an attacker allows cause a denial of service or possibly have unspecified other impact. This vulnerability does not affect the oldstable distribution (lenny).

CVE-2011-2834:
Yang Dingning discovered a double free vulnerability related to XPath handling.

CVE-2011-3905:
An out-of-bounds read vulnerability had been discovered, which allows remote attackers to cause a denial of service.

For the oldstable distribution (lenny), this problem has been fixed in version 2.6.32.dfsg-5+lenny5.

For the stable distribution (squeeze), this problem has been fixed in version 2.7.8.dfsg-2+squeeze2.

For the testing distribution (wheezy), this problem has been fixed in version 2.7.8.dfsg-7.

For the unstable distribution (sid), this problem has been fixed in version 2.7.8.dfsg-7.

We recommend that you upgrade your libxml2 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : wireshark
Vulnerability : buffer underflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-3483 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066
CVE-2012-0067 CVE-2012-0068

Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code (CVE-2012-006

This update also addresses several bugs, which can lead to crashes of Wireshark. These are not treated as security issues, but are fixed nonetheless if security updates are scheduled: CVE-2011-3483, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066 and CVE-2012-0067.

For the stable distribution (squeeze), this problem has been fixed in version 1.2.11-6+squeeze6.

For the unstable distribution (sid), this problem has been fixed in version 1.6.5-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : qemu-kvm
Vulnerability : buffer underflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0029

Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on
x86 hardware, which could result in denial of service or privilege escalation.

This update also fixes a guest-triggerable memory corruption in VNC handling.

For the stable distribution (squeeze), this problem has been fixed in version 0.12.5+dfsg-5+squeeze8.

For the unstable distribution (sid), this problem has been fixed in version 1.0+dfsg-5.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : icu
Vulnerability : buffer underflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-4599

It was discovered that a buffer overflow in the Unicode libraray ICU could lead to the execution of arbitrary code.

For the oldstable distribution (lenny), this problem has been fixed in version 3.8.1-3+lenny3.

For the stable distribution (squeeze), this problem has been fixed in version 4.4.1-8.

For the unstable distribution (sid), this problem has been fixed in version 4.8.1.1-3.

We recommend that you upgrade your icu packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : curl
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-3389 CVE-2012-0036

Several vulnerabilities have been discovered in Curl, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2011-3389

This update enables OpenSSL workarounds against the "BEAST" attack.
Additional information can be found in the Curl advisory:
http://curl.haxx.se/docs/adv_20120124B.html

CVE-2012-0036

Dan Fandrich discovered that Curl performs insufficient sanitising
when extracting the file path part of an URL.

For the oldstable distribution (lenny), this problem has been fixed in version 7.18.2-8lenny6.

For the stable distribution (squeeze), this problem has been fixed in version 7.21.0-2.1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 7.24.0-1.

We recommend that you upgrade your curl packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : php5
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885
CVE-2012-0057

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2011-1938

The UNIX socket handling allowed attackers to trigger a buffer overflow
via a long path name.

CVE-2011-2483

The crypt_blowfish function did not properly handle 8-bit characters,
which made it easier for attackers to determine a cleartext password
by using knowledge of a password hash.

CVE-2011-4566

When used on 32 bit platforms, the exif extension could be used to
trigger an integer overflow in the exif_process_IFD_TAG function
when processing a JPEG file.

CVE-2011-4885

It was possible to trigger hash collisions predictably when parsing
form parameters, which allows remote attackers to cause a denial of
service by sending many crafted parameters.

CVE-2012-0057

When applying a crafted XSLT transform, an attacker could write files
to arbitrary places in the filesystem.

NOTE: the fix for CVE-2011-2483 required changing the behaviour of this
function: it is now incompatible with some old (wrongly) generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP.


For the oldstable distribution (lenny), these problems have been fixed in version 5.2.6.dfsg.1-1+lenny14.

For the stable distribution (squeeze), these problems have been fixed in version 5.3.3-7+squeeze5.

For the testing distribution (wheezy) and unstable distribution (sid), these problems have been fixed in version 5.3.9-1.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : php5
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885
CVE-2012-0057

A regression was found in the fix for PHP's XSLT transformations (CVE-2012-0057). Updated packages are now available to address this regression. For reference, the original advisory text follows.

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2011-1938

The UNIX socket handling allowed attackers to trigger a buffer overflow
via a long path name.

CVE-2011-2483

The crypt_blowfish function did not properly handle 8-bit characters,
which made it easier for attackers to determine a cleartext password
by using knowledge of a password hash.

CVE-2011-4566

When used on 32 bit platforms, the exif extension could be used to
trigger an integer overflow in the exif_process_IFD_TAG function
when processing a JPEG file.

CVE-2011-4885

It was possible to trigger hash collisions predictably when parsing
form parameters, which allows remote attackers to cause a denial of
service by sending many crafted parameters.

CVE-2012-0057

When applying a crafted XSLT transform, an attacker could write files
to arbitrary places in the filesystem.

NOTE: the fix for CVE-2011-2483 required changing the behaviour of this
function: it is now incompatible with some old (wrongly) generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP.

NOTE: at the time of release packages for some architectures are still being built. They will be installed into the archive as soon as they arrive.

For the oldstable distribution (lenny), these problems have been fixed in version 5.2.6.dfsg.1-1+lenny15.

For the stable distribution (squeeze), these problems have been fixed in version 5.3.3-7+squeeze6.

For the testing distribution (wheezy) and unstable distribution (sid), these problems have been fixed in version 5.3.9-1.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Package : iceweasel
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.

CVE-2011-3670

Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed,
resulting in potential information disclosure.

CVE-2012-0442

Jesse Ruderman and Bob Clary discovered memory corruption bugs, which
may lead to the execution of arbitrary code.

CVE-2012-0444

"regenrecht" discovered that missing input sanisiting in the Ogg Vorbis
parser may lead to the execution of arbitrary code.

CVE-2012-0449

Nicolas Gregoire and Aki Helin discovered that missing input
sanisiting in XSLT processing may lead to the execution of arbitrary
code.

For the oldstable distribution (lenny), this problem has been fixed in version 1.9.0.19-13 of the xulrunner source package.

For the stable distribution (squeeze), this problem has been fixed in version 3.5.16-12.

For the unstable distribution (sid), this problem has been fixed in version 10.0-1.

We recommend that you upgrade your iceweasel packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/