The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Sarge

Nagios: denial of service via CGI
An attacker can use a Nagios CGI query with a long variable, in order to read information, or to trigger a denial of service...
BID-64489, CVE-2013-7108, CVE-2013-7205, DLA-1615-1, DSA-2956-1, DTC-A-20140324-004, MDVSA-2014:004, openSUSE-SU-2014:0016-1, openSUSE-SU-2014:0039-1, openSUSE-SU-2014:0069-1, openSUSE-SU-2014:0097-1, USN-3253-1, USN-3253-2, VIGILANCE-VUL-13986
OpenSSL: denial of service via TLS 1.2
An attacker can use TLS 1.2 with an application linked to OpenSSL, in order to trigger a denial of service...
3200, BID-64530, CERTA-2014-AVI-003, CERTFR-2014-AVI-091, CERTFR-2014-AVI-286, CVE-2013-6449, DSA-2020-062, DSA-2833-1, FEDORA-2013-23768, FEDORA-2013-23788, FEDORA-2013-23794, FEDORA-2014-1560, FEDORA-2014-1567, FreeBSD-SA-14:03.openssl, openSUSE-SU-2014:0012-1, openSUSE-SU-2014:0015-1, openSUSE-SU-2014:0018-1, openSUSE-SU-2014:0048-1, openSUSE-SU-2014:0049-1, RHSA-2014:0015-01, RHSA-2014:0041-01, SOL15147, SSA:2014-013-02, VIGILANCE-VUL-13978
Linux kernel: memory corruption via KVM VCPU
A local attacker can generate a memory corruption via a large KVM VCPU for the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
CERTA-2014-AVI-010, CERTFR-2014-AVI-106, CERTFR-2014-AVI-107, CVE-2013-4587, DSA-2906-1, FEDORA-2013-23445, FEDORA-2013-23653, MDVSA-2014:001, openSUSE-SU-2014:0204-1, openSUSE-SU-2014:0205-1, openSUSE-SU-2014:0247-1, USN-2128-1, USN-2129-1, USN-2135-1, USN-2136-1, USN-2138-1, USN-2139-1, USN-2141-1, VIGILANCE-VUL-13977
pixman: integer overflow via a trapezoid
An attacker can generate an integer overflow when pixman displays a trapezoid, in order to trigger a denial of service, and possibly to execute code...
CVE-2013-6425, DSA-2823-1, FEDORA-2014-6825, FEDORA-2014-6829, FEDORA-2014-9359, FEDORA-2014-9399, MDVSA-2013:302, openSUSE-SU-2014:0007-1, openSUSE-SU-2014:0011-1, openSUSE-SU-2014:0014-1, openSUSE-SU-2014:0145-1, RHSA-2013:1869-01, VIGILANCE-VUL-13972
X.Org: integer overflow via a trapezoid
An attacker can generate an integer overflow when X.Org displays a trapezoid, in order to trigger a denial of service, and possibly to execute code...
CVE-2013-6424, DSA-2822-1, MDVSA-2014:020, openSUSE-SU-2013:1965-1, RHSA-2013:1868-01, USN-2500-1, VIGILANCE-VUL-13971
GnuPG: key detection by sound listening
An attacker, who is located near a computer performing RSA operations with GnuPG on chosen messages, can listen this computer, in order to guess a 4096 bit RSA key in one hour...
BID-64424, CVE-2013-4576, DSA-2821-1, FEDORA-2013-23603, FEDORA-2013-23615, FEDORA-2013-23678, FEDORA-2013-23720, FEDORA-2013-23734, MDVSA-2013:295, RHSA-2014:0016-01, SSA:2013-354-01, VIGILANCE-VUL-13961
libcurl: certificate not checked without VERIFYPEER
An attacker can offer a malicious certificate, to an application linked with libcurl, which disables VERIFYPEER, so the user is not warned...
BID-64431, CVE-2013-6422, DSA-2824-1, JSA10874, VIGILANCE-VUL-13956
Asterisk: buffer overflow via SMS
An attacker can send a special SMS, to generate a buffer overflow in Asterisk, in order to trigger a denial of service...
AST-2013-006, BID-64364, CERTA-2013-AVI-680, CVE-2013-7100, DSA-2835-1, FEDORA-2013-24108, FEDORA-2013-24119, FEDORA-2013-24142, MDVSA-2013:300, VIGILANCE-VUL-13954
Linux kernel: denial of service via KVM apic_get_tmcct
An attacker located in a guest system can generate an arithmetic error in the KVM apic_get_tmcct() function of the Linux kernel, in order to trigger a denial of service...
1032207, BID-64270, CERTA-2014-AVI-010, CERTFR-2014-AVI-106, CERTFR-2014-AVI-107, CVE-2013-6367, DSA-2906-1, FEDORA-2013-23445, FEDORA-2013-23653, MDVSA-2014:001, openSUSE-SU-2014:0204-1, openSUSE-SU-2014:0205-1, openSUSE-SU-2014:0247-1, RHSA-2013:1801-01, RHSA-2013:1802-01, RHSA-2014:0163-01, RHSA-2014:0284-01, USN-2128-1, USN-2129-1, USN-2135-1, USN-2136-1, USN-2138-1, USN-2139-1, USN-2141-1, VIGILANCE-VUL-13944
PHP: memory corruption via openssl_x509_parse
An attacker can generate a memory corruption in the openssl_x509_parse() function of PHP, in order to trigger a denial of service, and possibly to execute code...
1036830, BID-64225, CERTFR-2014-AVI-244, CVE-2013-6420, DSA-2816-1, FEDORA-2013-23164, FEDORA-2013-23208, FEDORA-2013-23215, JSA10804, MDVSA-2013:298, MDVSA-2014:014, openSUSE-SU-2013:1963-1, openSUSE-SU-2013:1964-1, RHSA-2013:1813-01, RHSA-2013:1814-01, RHSA-2013:1815-01, RHSA-2013:1824-01, RHSA-2013:1825-01, RHSA-2013:1826-01, SSA:2014-013-03, SUSE-SU-2014:0873-1, SUSE-SU-2014:0873-2, VIGILANCE-VUL-13936
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Sarge: