The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Debian Sarge

3 libupnp: buffer overflow via UPnP SSDP
An attacker can send a malicious UDP packet to applications compiled with libupnp, in order to execute code...
CERTA-2013-AVI-073, CERTA-2013-AVI-078, cisco-sa-20130129-upnp, CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963, CVE-2012-5964, CVE-2012-5965, DSA-2614-1, DSA-2615-1, FEDORA-2013-1713, FEDORA-2013-1734, FEDORA-2013-1765, FEDORA-2013-2352, FEDORA-2013-2377, MDVSA-2013:098, openSUSE-SU-2013:0255-1, VIGILANCE-VUL-12360, VU#922681
2 Samba: vulnerabilities of SWAT
An attacker can use two vulnerabilities of Samba Web Administration Tool, in order to trigger a Clickjacking or a Cross Site Request Forgery...
BID-57631, c05115993, CERTA-2013-AVI-387, CERTFR-2014-AVI-112, CVE-2013-0213, CVE-2013-0214, DSA-2617-1, FEDORA-2013-1654, FEDORA-2013-1667, FEDORA-2013-1716, FEDORA-2013-1718, HPSBUX03574, MDVSA-2013:011, openSUSE-SU-2013:0277-1, openSUSE-SU-2013:0281-1, RHSA-2013:1310-01, RHSA-2013:1542-02, RHSA-2014:0305-01, SUSE-SU-2013:0325-1, SUSE-SU-2013:0326-1, SUSE-SU-2013:0519-1, USN-2922-1, VIGILANCE-VUL-12357
2 Wireshark: nine vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
BID-57615, BID-57616, BID-57618, BID-57619, BID-57620, BID-57622, BID-57625, BID-57626, BID-57647, CERTA-2013-AVI-085, CVE-2013-1572, CVE-2013-1573, CVE-2013-1574, CVE-2013-1575, CVE-2013-1576, CVE-2013-1577, CVE-2013-1578, CVE-2013-1579, CVE-2013-1580, CVE-2013-1581, CVE-2013-1582, CVE-2013-1583, CVE-2013-1584, CVE-2013-1585, CVE-2013-1586, CVE-2013-1587, CVE-2013-1588, CVE-2013-1589, CVE-2013-1590, DLA-497-1, DSA-2625-1, DTLS-57621, MDVSA-2013:020, openSUSE-SU-2013:0276-1, openSUSE-SU-2013:0285-1, VIGILANCE-VUL-12356, wnpa-sec-2013-01, wnpa-sec-2013-02, wnpa-sec-2013-03, wnpa-sec-2013-04, wnpa-sec-2013-05, wnpa-sec-2013-06, wnpa-sec-2013-07, wnpa-sec-2013-08, wnpa-sec-2013-09
1 Xen: denial of service via VT-d and PCI Bridge
When a PCI device is reachable from a Xen guest system, a local attacker can inject interruptions, which are transmitted to other guests, and lead to a denial of service...
BID-57223, CERTA-2013-AVI-045, CVE-2012-5634, DSA-2636-1, DSA-2636-2, FEDORA-2013-0608, FEDORA-2013-0627, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, openSUSE-SU-2013:0912-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12319
2 ProFTPD: permission change via UserOwner
When ProFTPD uses the UserOwner directive, a local attacker can create a directory under a symbolic link, in order to force ProFTPD to change permissions of another directory...
3841, BID-57172, CERTA-2013-AVI-006, CERTA-2013-AVI-543, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CVE-2012-6095, DSA-2606-1, FEDORA-2013-0437, FEDORA-2013-0468, FEDORA-2013-0483, MDVSA-2013:053, VIGILANCE-VUL-12288
1 Linux kernel: detecting keyboard strokes with /dev/ptmx
A local attacker can monitor the activity of /dev/ptmx, in order to detect when a user presses a key...
BID-57176, CERTA-2013-AVI-324, CERTA-2013-AVI-356, CERTFR-2014-AVI-106, CVE-2013-0160, DSA-2669-1, openSUSE-SU-2013:0395-1, openSUSE-SU-2013:0396-1, openSUSE-SU-2013:0925-1, openSUSE-SU-2013:1187-1, SUSE-SU-2013:0674-1, SUSE-SU-2013:0759-1, SUSE-SU-2013:0759-2, SUSE-SU-2013:0786-1, SUSE-SU-2013:1022-2, SUSE-SU-2013:1022-3, SUSE-SU-2013:1151-1, SUSE-SU-2013:1182-2, SUSE-SU-2019:14051-1, USN-2128-1, USN-2129-1, VIGILANCE-VUL-12287
3 Windows, NSS: fraudulent certificates emitted by TURKTRUST
The TURKTRUST certification authority, which is trusted by Windows and NSS, delivered certificates to attackers, used to sign malicious web sites...
2798897, DSA-2599-1, FEDORA-2013-0231, FEDORA-2013-0261, FEDORA-2013-0271, MDVSA-2013:003, MDVSA-2013:050, RHSA-2013:0213-01, RHSA-2013:0214-01, SA73, VIGILANCE-VUL-12280
2 Asterisk: two denial of service
An attacker can use two vulnerabilities of Asterisk, in order to consume resources, leading to a denial of service...
20175, 20658, AST-2012-014, AST-2012-015, BID-57105, BID-57106, CERTA-2013-AVI-003, CVE-2012-5976, CVE-2012-5977, DSA-2605-1, DSA-2605-2, FEDORA-2013-0992, FEDORA-2013-0994, FEDORA-2013-1003, VIGILANCE-VUL-12279
1 GnuPG: database corruption via a public key
An attacker can create a malformed public key, and can invite a GnuPG user to import it, in order to stop the application, or to corrupt the keyring database...
BID-57102, CVE-2012-6085, DSA-2601-1, FEDORA-2013-0222, FEDORA-2013-0258, FEDORA-2013-0459, FEDORA-2013-0477, K11785283, MDVSA-2013:001, MDVSA-2013:001-1, openSUSE-SU-2013:0849-1, openSUSE-SU-2013:0880-1, openSUSE-SU-2013:0957-1, RHSA-2013:1458-01, RHSA-2013:1459-01, SOL11785283, VIGILANCE-VUL-12275
1 QEMU: buffer overflow via e1000
An attacker can send Jumbo Ethernet frames to a guest QEMU system with an e1000 device, in order to generate a buffer overflow, leading to a denial of service and possibly to code execution...
BID-57420, CERTA-2013-AVI-045, CVE-2012-6075, DSA-2607-1, DSA-2608-1, DSA-2619-1, FEDORA-2013-0934, FEDORA-2013-0965, FEDORA-2013-0971, FEDORA-2013-1269, FEDORA-2013-1274, MDVSA-2013:121, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, openSUSE-SU-2013:1404-1, RHSA-2013:0599-01, RHSA-2013:0608-01, RHSA-2013:0609-01, RHSA-2013:0610-01, RHSA-2013:0636-01, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12274, XSA-41
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Sarge: