Sikkerhedsoplysninger / Sikkerhedsbulletiner fra 2000

Sikkerhedsbulletiner fra 2000

[25. dec 2000] DSA-008 dialog - insecure temporary files
[25. dec 2000] DSA-010 gnupg - cheating with detached signatures, circumvention of web of trust
[25. dec 2000] DSA-009 stunnel - insecure file handling, format string bug
[20. dec 2000] DSA-007 zope - insufficient protection
[19. dec 2000] DSA-006 zope - privilege escalation
[17. dec 2000] DSA-004 nano - symlink attack
[17. dec 2000] DSA-005 slocate - local exploit
[ 1. dec 2000] DSA-003 joe - symlink attack
[30. nov 2000] DSA-002 fsh - symlink attack
[29. nov 2000] DSA-001 ed - symlink attack
[25. nov 2000] mc - local DoS
[23. nov 2000] ghostscript - symlink attack
[21. nov 2000] joe - symlink attack
[22. nov 2000] modutils - local buffer overflow
[22. nov 2000] koules - local root exploit
[21. nov 2000] ethereal - remote exploit
[21. nov 2000] ncurses - local privilege escalation
[21. nov 2000] xmcd - untrustworthy privileged binaries
[20. nov 2000] modutils - local exploit
[20. nov 2000] tcpdump - remote denial of service
[19. nov 2000] cupsys - remote misuse of printer
[18. nov 2000] openssh - possible remote exploit
[18. nov 2000] cron - local privilege escalation
[12. nov 2000] bind - remote Denial of Service
[11. nov 2000] gnupg - incorrect signature verification
[11. nov 2000] tcsh - local exploit
[14. okt 2000] nis - local exploit
[14. okt 2000] php4 - possible remote exploit
[14. okt 2000] php3 - possible remote exploit
[13. okt 2000] traceroute - local root exploit
[13. okt 2000] curl and curl-ssl - remote exploit
[ 9. okt 2000] boa - exposes contents of local files
[ 8. okt 2000] esound - race condition
[19. sep 2000] sysklogd - root exploit
[11. sep 2000] libpam-smb - remote root exploit
[10. sep 2000] imp - remote compromise
[10. sep 2000] xpdf - local exploit
[ 2. sep 2000] glibc - local root exploit
[ 2. sep 2000] screen - local exploit
[ 1. sep 2000] netscape navigator/communicator - remote exploit
[30. aug 2000] ntop - Still remotely exploitable using buffer overflows
[30. aug 2000] xchat - Command Execution Via URLs Vulnerability
[21. aug 2000] zope - unauthorized escalation of privilege (update)
[16. aug 2000] xlockmore - possible shadow file compromise
[11. aug 2000] zope - unauthorized escalation of privilege
[ 8. aug 2000] mailx - local exploit
[28. jul 2000] dhcp client - remote root exploit in dhcp client
[27. jul 2000] userv - local exploit
[11. jul 2000] ftpd - buffer overflow in ftpd
[16. jul 2000] cvsweb - unauthorized remote code execution
[15. jul 2000] rpc.statd - remote root exploit
[ 1. jul 2000] canna server - buffer overflow
[28. jun 2000] dhcp client - remote root exploit in dhcp client
[22. jun 2000] wu-ftpd - remote root exploit in wu-ftpd
[19. jun 2000] xinetd - bug in access control mechanism
[12. jun 2000] kernel - bug in capabilities handling allows root exploits
[ 5. jun 2000] mailx - mail group exploit in mailx
[ 5. jun 2000] splitvt - root exploit in splitvt
[28. mar 2000] dump - reported exploit in dump
[ 9. mar 2000] mtr - possible local exploit in mtr
[28. feb 2000] nmh - remote exploit in nmh
[26. feb 2000] htdig - remote users can read files with webserver uid
[14. feb 2000] make - symlink attack in make
[ 1. feb 2000] apcd - symlink attack in apcd
[ 9. jan 2000] lpr - access control problem and root exploit
[ 8. jan 2000] nvi - incorrect file removal in boot script

Du kan modtage de seneste sikkerhedsbulletiner fra Debian ved at abonnere på vores debian-security-announce-postliste. Du kan også kigge i listens arkiv.

---

Tilbage til Debian-projektets hjemmeside.

---

---