Debian Linux Distribution
Find the information you need for your favorite open source distribution.
dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer, which could lead to the daemon crashing.
A vulnerability was discovered in the ettercap package which could allow a remote attacker to execute arbitrary code on the system running ettercap.
A vulnerability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware.
Two input validation errors were discovered in drupal and its bundled xmlrpc module. These errors can lead to the execution of arbitrary commands on the web server running drupal.
Sven Tantau discovered a security problem in fuse, a filesystem in userspace, that can be exploited by malicious local users to disclose potentially sensitive information.
Several problems have been discovered in ht, a viewer, editor and analyser for various executables, that may lead to the execution of arbitrary code.
Derek Price, the current maintainer of CVS, discovered a buffer overflow in the CVS server, which serves the popular Concurrent Versions System, that could lead to the execution of arbitrary code.
Chris Evans discovered that a specially crafted archive can trigger an infinite loop in bzip2, a high-quality block-sorting file compressor.
An error in the way zlib handles the inflation of certain compressed files can cause a program which uses zlib to crash when opening an invalid file.
Stefan Esser discovered an input validation flaw within Trac, a wiki and issue tracking system, that allows download/upload of files and therefore can lead to remote code execution in some configurations.