The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Sarge

GnuTLS 2: denial of service via _gnutls_ciphertext2compressed
An attacker can use a malformed TLS packet to force GnuTLS 2 to read at an invalid memory address, in order to trigger a denial of service...
BID-60215, CERTA-2013-AVI-454, CERTA-2013-AVI-543, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CVE-2013-2116, DSA-2697-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, FEDORA-2013-9774, FEDORA-2013-9783, FEDORA-2013-9792, FEDORA-2013-9799, GNUTLS-SA-2013-2, MDVSA-2013:171, RHSA-2013:0883-01, RHSA-2013:1076-01, SOL15637, SSA:2013-287-03, SUSE-SU-2013:1060-1, SUSE-SU-2013:1060-2, SUSE-SU-2014:0320-1, SUSE-SU-2014:0322-1, VIGILANCE-VUL-12882, VMSA-2013-0009, VMSA-2013-0009.2
FFmpeg: several vulnerabilities
An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer...
BID-60476, BID-60491, BID-60492, BID-60494, BID-60496, BID-60497, CVE-2013-3670, CVE-2013-3671, CVE-2013-3672, CVE-2013-3673, CVE-2013-3674, CVE-2013-3675, DSA-3003-1, MDVSA-2014:227, USN-2309-1, VIGILANCE-VUL-12867
SPIP: administrator access via inscription
An attacker can create a new SPIP user with an administrator profile, in order to gain full access to the site...
BID-60163, CERTA-2013-AVI-329, CVE-2013-2118, DSA-2694-1, VIGILANCE-VUL-12859
X.Org: multiple vulnerabilities of libraries
An attacker can use several vulnerabilities in X.Org libraries...
BID-60120, BID-60121, BID-60122, BID-60123, BID-60124, BID-60125, BID-60126, BID-60127, BID-60128, BID-60129, BID-60130, BID-60131, BID-60132, BID-60133, BID-60134, BID-60135, BID-60136, BID-60137, BID-60138, BID-60139, BID-60141, BID-60142, BID-60143, BID-60144, BID-60145, BID-60146, BID-60148, BID-60149, c04341797, CERTA-2013-AVI-362, CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-1992, CVE-2013-1993, CVE-2013-1994, CVE-2013-1995, CVE-2013-1996, CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2003, CVE-2013-2004, CVE-2013-2005, CVE-2013-2062, CVE-2013-2063, CVE-2013-2064, CVE-2013-2066, DSA-2673-1, DSA-2674-1, DSA-2675-1, DSA-2675-2, DSA-2676-1, DSA-2677-1, DSA-2678-1, DSA-2679-1, DSA-2680-1, DSA-2681-1, DSA-2682-1, DSA-2683-1, DSA-2684-1, DSA-2685-1, DSA-2686-1, DSA-2687-1, DSA-2688-1, DSA-2689-1, DSA-2690-1, DSA-2691-1, DSA-2692-1, DSA-2693-1, FEDORA-2013-11734, FEDORA-2013-12083, FEDORA-2013-12593, FEDORA-2013-5967, FEDORA-2013-9151, HPSBUX03049, MDVSA-2013:181, MDVSA-2013:182, NetBSD-SA2013-007, openSUSE-SU-2013:0865-1, openSUSE-SU-2013:1007-1, openSUSE-SU-2013:1008-1, openSUSE-SU-2013:1009-1, openSUSE-SU-2013:1010-1, openSUSE-SU-2013:1011-1, openSUSE-SU-2013:1014-1, openSUSE-SU-2013:1025-1, openSUSE-SU-2013:1026-1, openSUSE-SU-2013:1027-1, openSUSE-SU-2013:1028-1, openSUSE-SU-2013:1029-1, openSUSE-SU-2013:1030-1, openSUSE-SU-2013:1031-1, openSUSE-SU-2013:1032-1, openSUSE-SU-2013:1033-1, openSUSE-SU-2013:1034-1, openSUSE-SU-2013:1041-1, openSUSE-SU-2013:1046-1, openSUSE-SU-2013:1047-1, RHSA-2013:0897-01, RHSA-2013:0898-01, RHSA-2014:1436-02, SSA:2017-291-01, SSRT101240, SUSE-SU-2014:0881-1, SUSE-SU-2014:0882-1, SUSE-SU-2014:0883-1, SUSE-SU-2014:0893-1, SUSE-SU-2014:0898-1, SUSE-SU-2014:0900-1, SUSE-SU-2014:0915-1, SUSE-SU-2014:0916-1, SUSE-SU-2014:0919-1, VIGILANCE-VUL-12858
OTRS: ticket reading via AgentTicketPhone
An authenticated attacker can change the URL of the ticket split mechanism of OTRS, in order to read tickets of other users, which can contain sensitive information...
BID-60117, CVE-2013-3551, DSA-2696-1, MDVSA-2013:188, openSUSE-SU-2013:1338-1, VIGILANCE-VUL-12851
Xen: buffer overflow of pyxc_vcpu_setaffinity
When the system uses the Python libxc Toolstack, a guest administrator can generate a buffer overflow in pyxc_vcpu_setaffinity() of Xen, in order to trigger a denial of service, and possibly to execute code...
BID-59982, CERTA-2013-AVI-316, CVE-2013-2072, DSA-3041-1, FEDORA-2013-8571, FEDORA-2013-8590, openSUSE-SU-2013:1392-1, openSUSE-SU-2013:1404-1, SUSE-SU-2013:1075-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12845, XSA-56
Wireshark: multiple vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
BID-59992, BID-59994, BID-59995, BID-59996, BID-59997, BID-59998, BID-59999, BID-6000, BID-60000, BID-60001, BID-60002, BID-60021, CERTA-2013-AVI-543, CVE-2013-2486, CVE-2013-2487, CVE-2013-3555, CVE-2013-3556, CVE-2013-3557, CVE-2013-3558, CVE-2013-3559, CVE-2013-3560, CVE-2013-3561, CVE-2013-3562, DLA-497-1, DSA-2700-1, FEDORA-2013-17635, MDVSA-2013:172, openSUSE-SU-2013:0848-1, openSUSE-SU-2013:0911-1, openSUSE-SU-2013:0947-1, openSUSE-SU-2013:1084-1, openSUSE-SU-2013:1086-1, RHSA-2013:1569-02, RHSA-2014:0341-01, VIGILANCE-VUL-12844, wnpa-sec-2013-23, wnpa-sec-2013-24, wnpa-sec-2013-25, wnpa-sec-2013-26, wnpa-sec-2013-27, wnpa-sec-2013-28, wnpa-sec-2013-29, wnpa-sec-2013-30, wnpa-sec-2013-31
Openswan: buffer overflow of atodn
When Opportunistic Encryption is enabled ("oe=yes"), an attacker can generate a buffer overflow in Openswan, in order to trigger a denial of service, and possibly to execute code...
BID-59838, CVE-2013-2053, DSA-2893-1, MDVSA-2013:231, RHSA-2013:0827-01, SUSE-SU-2013:1150-1, VIGILANCE-VUL-12828
Firefox, Thunderbird, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox, Thunderbird and SeaMonkey can be used by an attacker to execute code on the victim's computer...
BID-59852, CERTA-2013-AVI-309, CVE-2012-1942, CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1671, CVE-2013-1672, CVE-2013-1673, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681, DSA-2699-1, FEDORA-2013-8284, FEDORA-2013-8298, FEDORA-2013-8398, MDVSA-2013:165, MFSA 2013-41, MFSA 2013-42, MFSA 2013-43, MFSA 2013-44, MFSA 2013-45, MFSA 2013-46, MFSA 2013-47, MFSA 2013-48, openSUSE-SU-2013:0825-1, openSUSE-SU-2013:0831-1, openSUSE-SU-2013:0834-1, openSUSE-SU-2013:0894-1, openSUSE-SU-2013:0896-1, openSUSE-SU-2013:0929-1, openSUSE-SU-2013:0946-1, openSUSE-SU-2014:1100-1, RHSA-2013:0820-01, RHSA-2013:0821-01, SSA:2013-135-01, SSA:2013-135-02, SSA:2013-136-01, SUSE-SU-2013:0842-1, SUSE-SU-2013:0843-1, VIGILANCE-VUL-12815
Linux kernel: privilege escalation via PERF_EVENTS
A local attacker can use the perf_event_open() system call with an invalid event, in order to escalate his privileges...
BID-59846, CERTA-2013-ALE-005, CERTA-2013-AVI-323, CERTA-2013-AVI-324, CERTA-2013-AVI-375, CVE-2013-2094, DSA-2669-1, MDVSA-2013:176, openSUSE-SU-2013:0847-1, openSUSE-SU-2013:0951-1, openSUSE-SU-2013:1042-1, RHSA-2013:0829-01, RHSA-2013:0830-01, RHSA-2013:0832-01, RHSA-2013:0840-01, RHSA-2013:0841-01, sol14445, SSA:2013-140-01, SUSE-SU-2013:0819-1, SUSE-SU-2013:0819-2, VIGILANCE-VUL-12794, VU#774103