The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Squeeze

OpenSSL: information disclosure in CBC mode, Lucky 13
An attacker can inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session...
1643316, c03710522, c03883001, CERTA-2013-AVI-454, CERTFR-2019-AVI-325, CVE-2013-0169, DSA-2621-1, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESXi410-201307001, ESXi410-201307401-SG, FEDORA-2013-2793, FEDORA-2013-2834, FEDORA-2013-4403, FreeBSD-SA-13:03.openssl, HPSBUX02856, HPSBUX02909, JSA10575, JSA10759, JSA10939, Lucky 13, MDVSA-2013:018, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2016:0640-1, RHSA-2013:0587-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, RHSA-2013:1455-01, RHSA-2013:1456-01, RHSA-2014:0416-01, SB10041, SSA:2013-042-01, SSRT101104, SSRT101289, SUSE-SU-2014:0320-1, VIGILANCE-VUL-12394, VMSA-2013-0009
PostgreSQL: denial of service via enum_recv
An authenticated attacker can call enum_recv, in order to read the memory of PostgreSQL, or to stop it...
907892, BID-57844, CERTA-2013-AVI-103, CVE-2013-0255, DSA-2630-1, FEDORA-2013-2123, FEDORA-2013-2152, MDVSA-2013:012, MDVSA-2013:142, openSUSE-SU-2013:0318-1, openSUSE-SU-2013:0319-1, RHSA-2013:1475-01, VIGILANCE-VUL-12390
FFmpeg: several vulnerabilities
An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer...
BID-57868, BID-62397, CVE-2013-0844, CVE-2013-0845, CVE-2013-0846, CVE-2013-0847, CVE-2013-0848, CVE-2013-0849, CVE-2013-0850, CVE-2013-0851, CVE-2013-0852, CVE-2013-0853, CVE-2013-0854, CVE-2013-0855, CVE-2013-0856, CVE-2013-0857, CVE-2013-0858, CVE-2013-0859, CVE-2013-0860, CVE-2013-0861, CVE-2013-0862, CVE-2013-0863, CVE-2013-0864, CVE-2013-0865, CVE-2013-0866, CVE-2013-0867, CVE-2013-0868, CVE-2013-0869, DSA-2793-1, DSA-2855-1, DSA-3003-1, MDVSA-2014:227, USN-2309-1, VIGILANCE-VUL-12387
Xen: denial of service via pciback
An attacker, who is located in a guest system, can trigger numerous PCI errors, in order to overload the host system...
BID-57740, CERTA-2013-AVI-098, CERTA-2013-AVI-158, CERTA-2013-AVI-259, CERTA-2013-AVI-412, CERTA-2013-AVI-496, CTX136540, CTX138633, CVE-2013-0231, DSA-2632-1, FEDORA-2013-2728, MDVSA-2013:194, openSUSE-SU-2013:0395-1, openSUSE-SU-2013:0396-1, openSUSE-SU-2013:0925-1, openSUSE-SU-2013:1619-1, RHSA-2013:0747-01, SUSE-SU-2013:0674-1, SUSE-SU-2013:0759-1, SUSE-SU-2013:0759-2, SUSE-SU-2013:0786-1, SUSE-SU-2019:14051-1, VIGILANCE-VUL-12380, XSA-43
OpenSSL: denial of service via OCSP
An attacker can setup a malicious OCSP server, in order to stop OpenSSL applications which connect...
1643316, BID-57755, BID-60268, c03710522, c03883001, CERTA-2013-AVI-099, CERTA-2013-AVI-387, CERTA-2013-AVI-454, CERTFR-2014-AVI-112, CVE-2013-0166, DSA-2621-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESXi410-201307001, ESXi410-201307401-SG, FEDORA-2013-2793, FEDORA-2013-2834, FreeBSD-SA-13:03.openssl, HPSBUX02856, HPSBUX02909, JSA10575, JSA10580, MDVSA-2013:018, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2016:0640-1, RHSA-2013:0587-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, sol14261, SSA:2013-040-01, SSRT101104, SSRT101289, VIGILANCE-VUL-12378, VMSA-2013-0006.1, VMSA-2013-0009, VMSA-2013-0009.1, VMSA-2013-0009.2
Xen: denial of service via AMD IOMMU
An attacker, who is located in a guest system with a PCI access, can send interruptions to other systems, in order to create a denial of service...
BID-57745, CERTA-2013-AVI-098, CERTA-2013-AVI-158, CTX136540, CVE-2013-0153, DSA-2636-1, DSA-2636-2, FEDORA-2013-2002, FEDORA-2013-2225, openSUSE-SU-2013:0636-1, openSUSE-SU-2013:0637-1, openSUSE-SU-2013:0912-1, RHSA-2013:0847-01, SUSE-SU-2014:0446-1, VIGILANCE-VUL-12375, XSA-36
TLS, DTLS: information disclosure in CBC mode, Lucky 13
An attacker can inject wrongly encrypted messages in a TLS/DTLS session in mode CBC, and measure the delay before the error message reception, in order to progressively guess the clear content of the session...
1639354, 1643316, 1672363, BID-57736, BID-57774, BID-57776, BID-57777, BID-57778, BID-57780, BID-57781, c03710522, c03883001, CERTA-2013-AVI-099, CERTA-2013-AVI-109, CERTA-2013-AVI-339, CERTA-2013-AVI-454, CERTA-2013-AVI-543, CERTA-2013-AVI-657, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CERTFR-2014-AVI-286, CERTFR-2019-AVI-311, CERTFR-2019-AVI-325, CVE-2013-0169, CVE-2013-1619, CVE-2013-1620, CVE-2013-1621, CVE-2013-1622-REJECT, CVE-2013-1623, CVE-2013-1624, DLA-1518-1, DSA-2621-1, DSA-2622-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESX410-201312001, ESX410-201312401-SG, ESX410-201312403-SG, ESXi410-201307001, ESXi410-201307401-SG, ESXi510-201401101-SG, FEDORA-2013-2110, FEDORA-2013-2128, FEDORA-2013-2764, FEDORA-2013-2793, FEDORA-2013-2813, FEDORA-2013-2834, FEDORA-2013-2892, FEDORA-2013-2929, FEDORA-2013-2984, FEDORA-2013-3079, FEDORA-2013-4403, FreeBSD-SA-13:03.openssl, GNUTLS-SA-2013-1, HPSBUX02856, HPSBUX02909, IC90385, IC90395, IC90396, IC90397, IC90660, IC93077, JSA10575, JSA10580, JSA10759, JSA10939, JSA11023, Lucky 13, MDVSA-2013:014, MDVSA-2013:018, MDVSA-2013:019, MDVSA-2013:040, MDVSA-2013:050, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2013:0807-1, openSUSE-SU-2016:0640-1, RHSA-2013:0273-01, RHSA-2013:0274-01, RHSA-2013:0275-01, RHSA-2013:0531-01, RHSA-2013:0532-01, RHSA-2013:0587-01, RHSA-2013:0588-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, RHSA-2013:1135-01, RHSA-2013:1144-01, RHSA-2013:1181-01, RHSA-2013:1455-01, RHSA-2013:1456-01, RHSA-2014:0371-01, RHSA-2014:0372-01, RHSA-2014:0896-01, RHSA-2015:1009, SOL14190, SOL15630, SSA:2013-040-01, SSA:2013-042-01, SSA:2013-242-01, SSA:2013-242-03, SSA:2013-287-03, SSA-556833, SSRT101104, SSRT101289, SUSE-SU-2013:0328-1, SUSE-SU-2014:0320-1, SUSE-SU-2014:0322-1, swg21633669, swg21638270, swg21639354, swg21640169, VIGILANCE-VUL-12374, VMSA-2013-0006.1, VMSA-2013-0007.1, VMSA-2013-0009, VMSA-2013-0009.1, VMSA-2013-0009.2, VMSA-2013-0009.3, VMSA-2013-0015
Squid: memory leaks in cachemgr.cgi
An attacker can send inconsistent requests to cachemgr.cgi, in order to make it allocate too much memory and eventually halt...
895972, BID-57646, CERTA-2013-AVI-362, CVE-2013-0189, DSA-2631-1, FEDORA-2013-1616, FEDORA-2013-1625, MDVSA-2013:013, MDVSA-2013:129, openSUSE-SU-2013:1436-1, openSUSE-SU-2013:1443-1, VIGILANCE-VUL-12365
libupnp: buffer overflow via UPnP SSDP
An attacker can send a malicious UDP packet to applications compiled with libupnp, in order to execute code...
CERTA-2013-AVI-073, CERTA-2013-AVI-078, cisco-sa-20130129-upnp, CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963, CVE-2012-5964, CVE-2012-5965, DSA-2614-1, DSA-2615-1, FEDORA-2013-1713, FEDORA-2013-1734, FEDORA-2013-1765, FEDORA-2013-2352, FEDORA-2013-2377, MDVSA-2013:098, openSUSE-SU-2013:0255-1, VIGILANCE-VUL-12360, VU#922681
Samba: vulnerabilities of SWAT
An attacker can use two vulnerabilities of Samba Web Administration Tool, in order to trigger a Clickjacking or a Cross Site Request Forgery...
BID-57631, c05115993, CERTA-2013-AVI-387, CERTFR-2014-AVI-112, CVE-2013-0213, CVE-2013-0214, DSA-2617-1, FEDORA-2013-1654, FEDORA-2013-1667, FEDORA-2013-1716, FEDORA-2013-1718, HPSBUX03574, MDVSA-2013:011, openSUSE-SU-2013:0277-1, openSUSE-SU-2013:0281-1, RHSA-2013:1310-01, RHSA-2013:1542-02, RHSA-2014:0305-01, SUSE-SU-2013:0325-1, SUSE-SU-2013:0326-1, SUSE-SU-2013:0519-1, USN-2922-1, VIGILANCE-VUL-12357
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Squeeze: