The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Squeeze

Nagios: buffer overflow in history.cgi
An attacker can call the Nagios CGI program history.cgi with malicious arguments, in order to make the service stop or execute arbitrary machine code...
BID-56879, CERTA-2013-AVI-066, CVE-2012-6096, DSA-2616-1, DSA-2653-1, FEDORA-2013-0732, FEDORA-2013-0752, FEDORA-2013-0753, MDVSA-2013:028, openSUSE-SU-2013:0140-1, openSUSE-SU-2013:0169-1, openSUSE-SU-2013:0188-1, openSUSE-SU-2013:0206-1, VIGILANCE-VUL-12219
Apache Tomcat: authentication bypass via URL mangling
An attacker who must go through form-based authentication can append /j_security_check to the URL, in order to bypass the authentication process...
BID-56812, c03734195, c03824583, CERTA-2012-AVI-706, CERTA-2013-AVI-145, CERTA-2013-AVI-440, CERTFR-2014-AVI-112, CVE-2012-3546, DSA-2725-1, FEDORA-2012-20151, HPSBMU02894, HPSBUX02866, openSUSE-SU-2012:1700-1, openSUSE-SU-2012:1701-1, openSUSE-SU-2013:0147-1, RHSA-2013:0004-01, RHSA-2013:0005-01, RHSA-2013:0146-01, RHSA-2013:0147-01, RHSA-2013:0151-01, RHSA-2013:0157-01, RHSA-2013:0158-01, RHSA-2013:0162-01, RHSA-2013:0163-01, RHSA-2013:0164-01, RHSA-2013:0191-01, RHSA-2013:0192-01, RHSA-2013:0193-01, RHSA-2013:0194-01, RHSA-2013:0195-01, RHSA-2013:0196-01, RHSA-2013:0197-01, RHSA-2013:0198-01, RHSA-2013:0221-01, RHSA-2013:0235-01, RHSA-2013:0623-01, RHSA-2013:0640-01, RHSA-2013:0641-01, RHSA-2013:0642-01, SSRT101139, VIGILANCE-VUL-12208
Apache Tomcat: denial of service via SSL and NIO
An attacker who accesses Tomcat using the NIO connector over an SSL-enabled connection can cause excessive use of computing power, in order to deny service...
BID-56813, c03734195, CERTA-2012-AVI-706, CERTA-2013-AVI-145, CERTFR-2014-AVI-112, CVE-2012-4534, DSA-2725-1, FEDORA-2012-20151, HPSBUX02866, openSUSE-SU-2013:0161-1, openSUSE-SU-2013:0170-1, openSUSE-SU-2013:0192-1, RHSA-2013:0265-01, RHSA-2013:0266-01, RHSA-2013:0623-01, SSRT101139, VIGILANCE-VUL-12207, VMSA-2013-0006
Xen: hanging via complex memory management hypercalls
A local attacker, who is administrator in a guest system, can use several hypercalls related to memory management with complex arguments, in order to block internal critical operations...
BID-56798, CERTA-2012-AVI-703, CTX135777, CVE-2012-5515, DSA-2582-1, FEDORA-2012-19717, FEDORA-2012-19828, openSUSE-SU-2012:1685-1, openSUSE-SU-2012:1687-1, openSUSE-SU-2013:0133-1, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, RHSA-2013:0168-01, SUSE-SU-2012:1606-1, SUSE-SU-2012:1615-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12205, XSA-31
Xen: denial of service via unlocking bypass
An attacker can force Xen to skip an unlocking, which leads to permanent blocking of Xen...
BID-56803, CERTA-2012-AVI-703, CTX135777, CVE-2012-5514, DSA-2582-1, FEDORA-2012-19717, FEDORA-2012-19828, openSUSE-SU-2012:1685-1, openSUSE-SU-2012:1687-1, openSUSE-SU-2013:0133-1, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, SUSE-SU-2012:1615-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12204, XSA-30
Xen: invalid access via the hypercall XENMEM_exchange
An attacker can pass malicious address intervals to the hypercall XENMEM_exchange(), in order to corrupt Xen's memory or make it halt...
BID-56797, CERTA-2012-AVI-703, CTX135777, CVE-2012-5513, DSA-2582-1, FEDORA-2012-19717, FEDORA-2012-19828, openSUSE-SU-2012:1685-1, openSUSE-SU-2012:1687-1, openSUSE-SU-2013:0133-1, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, RHSA-2012:1540-01, SUSE-SU-2012:1606-1, SUSE-SU-2012:1615-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12203, XSA-29
Xen: denial of service via control operations
An attacker can call the hypercall for control operations with malicious arguments, in order to deny service...
BID-56796, CERTA-2012-AVI-703, CTX135777, CVE-2012-5511, CVE-2012-6333, DSA-2636-1, DSA-2636-2, FEDORA-2012-19717, FEDORA-2012-19828, openSUSE-SU-2012:1685-1, openSUSE-SU-2012:1687-1, openSUSE-SU-2013:0133-1, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, SUSE-SU-2012:1615-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12201, XSA-27
Xen: denial of service via the grant tables
A local attacker, who is administrator in a guest system, can modify the version of the tables that store permissions for shared memory pages, in order to make the hypervisor halt...
BID-56794, CERTA-2012-AVI-703, CTX135777, CVE-2012-5510, DSA-2582-1, FEDORA-2012-19717, FEDORA-2012-19828, openSUSE-SU-2012:1685-1, openSUSE-SU-2012:1687-1, openSUSE-SU-2013:0133-1, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, SUSE-SU-2012:1615-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12200, XSA-26
MySQL: five vulnerabilities
Several vulnerabilities in MySQL can be used by a remote attacker to create a denial of service, elevate privileges, or execute code...
881064, 882600, 882606, 882607, 882608, BID-56766, BID-56768, BID-56769, BID-56771, BID-56776, bulletinoct2015, CERTA-2012-ALE-007, CERTA-2012-ALE-007-001, CERTA-2012-AVI-701, cpuapr2013, cpujan2013, CVE-2012-5579-REJECT, CVE-2012-5611, CVE-2012-5612, CVE-2012-5613, CVE-2012-5614, CVE-2012-5615, DSA-2581-1, DSA-3054-1, FEDORA-2012-19823, FEDORA-2012-19833, FEDORA-2014-14791, MDVSA-2012:178, MDVSA-2013:008, MDVSA-2013:102, MDVSA-2015:091, openSUSE-SU-2013:0011-1, openSUSE-SU-2013:0013-1, openSUSE-SU-2013:0014-1, openSUSE-SU-2013:0135-1, openSUSE-SU-2013:0156-1, openSUSE-SU-2013:1412-1, RHSA-2012:1551-01, RHSA-2013:0180-01, RHSA-2014:1937-01, RHSA-2014:1940-01, SSA:2013-022-01, SUSE-SU-2013:0262-1, SUSE-SU-2015:0620-1, SUSE-SU-2015:0743-1, USN-2384-1, VIGILANCE-VUL-12198
libxml2: buffer overflow via entity references
An attacker can create an XML file containing malicious entity references, in order to execute code...
CERTA-2013-AVI-208, CERTA-2013-AVI-337, CERTA-2013-AVI-387, CERTFR-2014-AVI-112, CERTFR-2015-AVI-023, CVE-2012-5134, DSA-2019-197, DSA-2580-1, ESX400-201305001, ESX400-201305402-SG, ESX400-201305404-SG, ESX410-201304001, ESX410-201304401-SG, ESXi400-201305001, ESXi400-201305401-SG, ESXi410-201304001, ESXi410-201304401-SG, ESXi500-201303001, ESXi500-201303101-SG, ESXi500-201303102-SG, ESXi510-201304101-SG, JSA10669, MDVSA-2012:176, MDVSA-2013:056, openSUSE-SU-2012:1637-1, openSUSE-SU-2012:1647-1, openSUSE-SU-2013:0178-1, RHSA-2012:1512-01, RHSA-2013:0217-01, SA44073-2019-03, SSA:2012-341-03, SUSE-SU-2012:1636-1, SUSE-SU-2013:1625-1, SUSE-SU-2013:1627-1, VIGILANCE-VUL-12197, VMSA-2012-0018.2, VMSA-2013-0001.3, VMSA-2013-0001.5, VMSA-2013-0004, VMSA-2013-0004.1, VMSA-2013-0004.2, VMSA-2013-0004.3, VMSA-2013-0007