The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Debian Etch

vulnerability note CVE-2018-10859

git-annex: information disclosure via Local Gpg Encrypted File

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Local Gpg Encrypted File of git-annex, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 06/07/2018.
Identifiers: CVE-2018-10859, DLA-1495-1, FEDORA-2018-7e8c49a451, FEDORA-2018-e22c8eb218, openSUSE-SU-2018:1896-1, openSUSE-SU-2018:1897-1, VIGILANCE-VUL-26640.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Local Gpg Encrypted File of git-annex, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

weakness CVE-2018-10857

git-annex: file reading

Synthesis of the vulnerability

A local attacker can read a file of git-annex, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 06/07/2018.
Identifiers: CVE-2018-10857, DLA-1495-1, FEDORA-2018-7e8c49a451, FEDORA-2018-e22c8eb218, openSUSE-SU-2018:1896-1, openSUSE-SU-2018:1897-1, VIGILANCE-VUL-26639.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A local attacker can read a file of git-annex, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer weakness announce CVE-2018-10875

Ansible Core: privilege escalation via Current Directory Ansible.cfg

Synthesis of the vulnerability

An attacker can bypass restrictions via Current Directory Ansible.cfg of Ansible Core, in order to escalate his privileges.
Severity: 2/4.
Creation date: 06/07/2018.
Identifiers: CVE-2018-10875, DLA-1923-1, DSA-4396-1, openSUSE-SU-2019:0238-1, openSUSE-SU-2019:1125-1, USN-4072-1, VIGILANCE-VUL-26638.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Current Directory Ansible.cfg of Ansible Core, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2018-10860

Perl Archive-Zip: directory traversal via Symlink

Synthesis of the vulnerability

An attacker can traverse directories via Symlink of Perl Archive::Zip, in order to create a file outside the service root path.
Severity: 2/4.
Creation date: 05/07/2018.
Identifiers: CVE-2018-10860, DLA-1440-1, DSA-4300-1, FEDORA-2018-6abfa0012f, FEDORA-2018-ebebe9abe2, openSUSE-SU-2018:2438-1, SUSE-SU-2018:2385-1, SUSE-SU-2018:2386-1, SUSE-SU-2018:2388-1, USN-3703-1, USN-3703-2, VIGILANCE-VUL-26625.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can traverse directories via Symlink of Perl Archive::Zip, in order to create a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2018-13100

Linux kernel: denial of service via secs_per_zone

Synthesis of the vulnerability

An attacker can generate a fatal error via secs_per_zone of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 04/07/2018.
Identifiers: CERTFR-2019-AVI-145, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-13100, DLA-1715-1, openSUSE-SU-2018:3202-1, SSA:2019-030-01, USN-3932-1, USN-3932-2, USN-4094-1, USN-4118-1, VIGILANCE-VUL-26621.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via secs_per_zone of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2018-13099

Linux kernel: out-of-bounds memory reading via fs/f2fs/inline.c

Synthesis of the vulnerability

An attacker can force a read at an invalid address via fs/f2fs/inline.c of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 04/07/2018.
Identifiers: CERTFR-2019-AVI-145, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-13099, DLA-1531-1, DSA-4308-1, openSUSE-SU-2018:3202-1, SSA:2019-030-01, USN-3932-1, USN-3932-2, USN-4094-1, USN-4118-1, VIGILANCE-VUL-26620.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via fs/f2fs/inline.c of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2018-13097

Linux kernel: out-of-bounds memory reading via user_block_count

Synthesis of the vulnerability

An attacker can force a read at an invalid address via user_block_count of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 04/07/2018.
Identifiers: CERTFR-2019-AVI-145, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-13097, DLA-1715-1, openSUSE-SU-2018:3202-1, SSA:2019-030-01, USN-3932-1, USN-3932-2, USN-4094-1, USN-4118-1, VIGILANCE-VUL-26618.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via user_block_count of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer threat alert CVE-2018-13096

Linux kernel: assertion error via fs/f2fs/super.c

Synthesis of the vulnerability

An attacker can force an assertion error via fs/f2fs/super.c of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 04/07/2018.
Identifiers: CERTFR-2018-AVI-557, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-13096, DLA-1715-1, openSUSE-SU-2018:3202-1, SSA:2019-030-01, USN-3821-1, USN-3821-2, USN-4094-1, USN-4118-1, VIGILANCE-VUL-26617.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force an assertion error via fs/f2fs/super.c of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

security bulletin CVE-2018-13094

Linux kernel: NULL pointer dereference via xfs_da_shrink_inode

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via xfs_da_shrink_inode() of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 04/07/2018.
Identifiers: 1103505, CERTFR-2018-AVI-408, CERTFR-2018-AVI-413, CERTFR-2018-AVI-456, CERTFR-2018-AVI-466, CERTFR-2018-AVI-480, CERTFR-2019-AVI-183, CVE-2018-13094, DLA-1529-1, FEDORA-2018-50075276e8, openSUSE-SU-2018:2738-1, openSUSE-SU-2018:3071-1, RHSA-2019:0831-01, RHSA-2019:2029-01, RHSA-2019:2043-01, SUSE-SU-2018:2858-1, SUSE-SU-2018:2862-1, SUSE-SU-2018:2980-1, SUSE-SU-2018:3084-1, USN-3752-1, USN-3752-2, USN-3752-3, USN-3753-1, USN-3753-2, USN-3754-1, VIGILANCE-VUL-26615.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via xfs_da_shrink_inode() of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-13093

Linux kernel: NULL pointer dereference via fs/xfs/xfs_icache.c

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via fs/xfs/xfs_icache.c of the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 04/07/2018.
Identifiers: 1103505, CERTFR-2018-AVI-456, CERTFR-2018-AVI-460, CERTFR-2018-AVI-466, CERTFR-2018-AVI-480, CERTFR-2019-AVI-188, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-13093, DLA-1529-1, FEDORA-2018-50075276e8, openSUSE-SU-2018:2738-1, openSUSE-SU-2018:3071-1, RHSA-2019:2029-01, RHSA-2019:2043-01, SUSE-SU-2018:2858-1, SUSE-SU-2018:2862-1, SUSE-SU-2018:2908-1, SUSE-SU-2018:2908-2, SUSE-SU-2018:2980-1, SUSE-SU-2018:3083-1, SUSE-SU-2018:3084-1, USN-4094-1, USN-4118-1, VIGILANCE-VUL-26614.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via fs/xfs/xfs_icache.c of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Etch: