Informazioni sulla sicurezza / Bollettini della sicurezza del 2000

Bollettini della sicurezza del 2000

[25 dic 2000] DSA-008 dialog - insecure temporary files
[25 dic 2000] DSA-010 gnupg - cheating with detached signatures, circumvention of web of trust
[25 dic 2000] DSA-009 stunnel - insecure file handling, format string bug
[20 dic 2000] DSA-007 zope - insufficient protection
[19 dic 2000] DSA-006 zope - privilege escalation
[17 dic 2000] DSA-004 nano - symlink attack
[17 dic 2000] DSA-005 slocate - local exploit
[01 dic 2000] DSA-003 joe - symlink attack
[30 nov 2000] DSA-002 fsh - symlink attack
[29 nov 2000] DSA-001 ed - symlink attack
[25 nov 2000] mc - local DoS
[23 nov 2000] ghostscript - symlink attack
[21 nov 2000] joe - symlink attack
[22 nov 2000] modutils - local buffer overflow
[22 nov 2000] koules - local root exploit
[21 nov 2000] ethereal - remote exploit
[21 nov 2000] ncurses - local privilege escalation
[21 nov 2000] xmcd - untrustworthy privileged binaries
[20 nov 2000] modutils - local exploit
[20 nov 2000] tcpdump - remote denial of service
[19 nov 2000] cupsys - remote misuse of printer
[18 nov 2000] openssh - possible remote exploit
[18 nov 2000] cron - local privilege escalation
[12 nov 2000] bind - remote Denial of Service
[11 nov 2000] gnupg - incorrect signature verification
[11 nov 2000] tcsh - local exploit
[14 ott 2000] nis - local exploit
[14 ott 2000] php4 - possible remote exploit
[14 ott 2000] php3 - possible remote exploit
[13 ott 2000] traceroute - local root exploit
[13 ott 2000] curl and curl-ssl - remote exploit
[09 ott 2000] boa - exposes contents of local files
[08 ott 2000] esound - race condition
[19 set 2000] sysklogd - root exploit
[11 set 2000] libpam-smb - remote root exploit
[10 set 2000] imp - remote compromise
[10 set 2000] xpdf - local exploit
[02 set 2000] glibc - local root exploit
[02 set 2000] screen - local exploit
[01 set 2000] netscape navigator/communicator - remote exploit
[30 ago 2000] ntop - Still remotely exploitable using buffer overflows
[30 ago 2000] xchat - Command Execution Via URLs Vulnerability
[21 ago 2000] zope - unauthorized escalation of privilege (update)
[16 ago 2000] xlockmore - possible shadow file compromise
[11 ago 2000] zope - unauthorized escalation of privilege
[08 ago 2000] mailx - local exploit
[28 lug 2000] dhcp client - remote root exploit in dhcp client
[27 lug 2000] userv - local exploit
[11 lug 2000] ftpd - buffer overflow in ftpd
[16 lug 2000] cvsweb - unauthorized remote code execution
[15 lug 2000] rpc.statd - remote root exploit
[01 lug 2000] canna server - buffer overflow
[28 giu 2000] dhcp client - remote root exploit in dhcp client
[22 giu 2000] wu-ftpd - remote root exploit in wu-ftpd
[19 giu 2000] xinetd - bug in access control mechanism
[12 giu 2000] kernel - bug in capabilities handling allows root exploits
[05 giu 2000] mailx - mail group exploit in mailx
[05 giu 2000] splitvt - root exploit in splitvt
[28 mar 2000] dump - reported exploit in dump
[09 mar 2000] mtr - possible local exploit in mtr
[28 feb 2000] nmh - remote exploit in nmh
[26 feb 2000] htdig - remote users can read files with webserver uid
[14 feb 2000] make - symlink attack in make
[01 feb 2000] apcd - symlink attack in apcd
[09 gen 2000] lpr - access control problem and root exploit
[08 gen 2000] nvi - incorrect file removal in boot script

Si possono ricevere gli ultimi bollettini della sicurezza Debian iscrivendosi alla lista di messaggi debian-security-announce. È anche possibile sfogliare gli archivi della lista.

---

Ritorna alla pagina principale del Progetto Debian.

---

---