Informacje dotyczące bezpieczeństwa / Ostrzeżenia dotyczące bezpieczeństwa z 2000 roku

Ostrzeżenia dotyczące bezpieczeństwa z 2000 roku

[25.12.2000] DSA-008 dialog - insecure temporary files
[25.12.2000] DSA-010 gnupg - cheating with detached signatures, circumvention of web of trust
[25.12.2000] DSA-009 stunnel - insecure file handling, format string bug
[20.12.2000] DSA-007 zope - insufficient protection
[19.12.2000] DSA-006 zope - privilege escalation
[17.12.2000] DSA-004 nano - symlink attack
[17.12.2000] DSA-005 slocate - local exploit
[01.12.2000] DSA-003 joe - symlink attack
[30.11.2000] DSA-002 fsh - symlink attack
[29.11.2000] DSA-001 ed - symlink attack
[25.11.2000] mc - local DoS
[23.11.2000] ghostscript - symlink attack
[21.11.2000] joe - symlink attack
[22.11.2000] modutils - local buffer overflow
[22.11.2000] koules - local root exploit
[21.11.2000] ethereal - remote exploit
[21.11.2000] ncurses - local privilege escalation
[21.11.2000] xmcd - untrustworthy privileged binaries
[20.11.2000] modutils - local exploit
[20.11.2000] tcpdump - remote denial of service
[19.11.2000] cupsys - remote misuse of printer
[18.11.2000] openssh - possible remote exploit
[18.11.2000] cron - local privilege escalation
[12.11.2000] bind - remote Denial of Service
[11.11.2000] gnupg - incorrect signature verification
[11.11.2000] tcsh - local exploit
[14.10.2000] nis - local exploit
[14.10.2000] php4 - possible remote exploit
[14.10.2000] php3 - possible remote exploit
[13.10.2000] traceroute - local root exploit
[13.10.2000] curl and curl-ssl - remote exploit
[09.10.2000] boa - exposes contents of local files
[08.10.2000] esound - race condition
[19.09.2000] sysklogd - root exploit
[11.09.2000] libpam-smb - remote root exploit
[10.09.2000] imp - remote compromise
[10.09.2000] xpdf - local exploit
[02.09.2000] glibc - local root exploit
[02.09.2000] screen - local exploit
[01.09.2000] netscape navigator/communicator - remote exploit
[30.08.2000] ntop - Still remotely exploitable using buffer overflows
[30.08.2000] xchat - Command Execution Via URLs Vulnerability
[21.08.2000] zope - unauthorized escalation of privilege (update)
[16.08.2000] xlockmore - possible shadow file compromise
[11.08.2000] zope - unauthorized escalation of privilege
[08.08.2000] mailx - local exploit
[28.07.2000] dhcp client - remote root exploit in dhcp client
[27.07.2000] userv - local exploit
[11.07.2000] ftpd - buffer overflow in ftpd
[16.07.2000] cvsweb - unauthorized remote code execution
[15.07.2000] rpc.statd - remote root exploit
[01.07.2000] canna server - buffer overflow
[28.06.2000] dhcp client - remote root exploit in dhcp client
[22.06.2000] wu-ftpd - remote root exploit in wu-ftpd
[19.06.2000] xinetd - bug in access control mechanism
[12.06.2000] kernel - bug in capabilities handling allows root exploits
[05.06.2000] mailx - mail group exploit in mailx
[05.06.2000] splitvt - root exploit in splitvt
[28.03.2000] dump - reported exploit in dump
[09.03.2000] mtr - possible local exploit in mtr
[28.02.2000] nmh - remote exploit in nmh
[26.02.2000] htdig - remote users can read files with webserver uid
[14.02.2000] make - symlink attack in make
[01.02.2000] apcd - symlink attack in apcd
[09.01.2000] lpr - access control problem and root exploit
[08.01.2000] nvi - incorrect file removal in boot script

Aby otrzymywać najnowsze ostrzeżenia dotyczące bezpieczeństwa należy zapisać się na listę dyskusyjną debian-security-announce. Można także przeglądać archiwum tej listy.

---

Powrót do strony głównej Debiana.

---

---