The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Stretch

Apache httpd: access to another server via mod_proxy
An attacker can use a malicious HTTP query, when mod_proxy uses RewriteRule or ProxyPassMatch, in order to access to web resources of another server...
BID-49957, c03231301, CERTA-2011-AVI-562, CERTA-2011-AVI-607, CERTA-2012-AVI-050, CERTA-2012-AVI-156, CVE-2011-3368, DSA-2405-1, FEDORA-2012-1598, FEDORA-2012-1642, HPSBMU02748, JSA10585, MDVSA-2011:144, openSUSE-SU-2012:0212-1, openSUSE-SU-2012:0248-1, openSUSE-SU-2013:0243-1, openSUSE-SU-2014:1647-1, RHSA-2011:1391-01, RHSA-2011:1392-01, RHSA-2012:0542-01, RHSA-2012:0543-01, SOL15889, SSA:2012-041-01, SSRT100772, SUSE-SU-2011:1229-1, SUSE-SU-2011:1309-1, SUSE-SU-2011:1322-1, VIGILANCE-VUL-11041
Cyrus IMAPd: access to NTTP without authentication
An attacker can access to the NNTP service of Cyrus IMAPd, without entering a password...
BID-49949, CERTA-2003-AVI-005, CERTA-2011-AVI-551, CVE-2011-3372, DSA-2318-1, MDVSA-2011:149, openSUSE-SU-2011:1170-1, RHSA-2011:1508-01, SUSE-SU-2011:1173-1, VIGILANCE-VUL-11037
Perl FCGI: variable disclosure
When a CGI script uses the Perl FCGI or CGI::Fast module, an attacker can obtain variables defined during the first query...
607479, 68380, 736604, CERTA-2002-AVI-275, CVE-2011-2766, DSA-2327-1, FEDORA-2011-13230, FEDORA-2011-13236, MDVSA-2012:001, openSUSE-SU-2012:0004-1, openSUSE-SU-2012:0036-1, VIGILANCE-VUL-11030
SeaMonkey: several vulnerabilities
Several vulnerabilities of SeaMonkey can be used by an attacker to execute code on victim's computer...
BID-49800, BID-49808, BID-49810, BID-49811, BID-49812, BID-49813, BID-49837, BID-49845, BID-49847, BID-49848, BID-49849, BID-49850, BID-49852, BID-51786, CERTA-2003-AVI-005, CERTA-2011-AVI-537, CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2997, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232, CVE-2011-3670, CVE-2011-3866, DSA-2312-1, DSA-2402-1, MFSA 2011-36, MFSA 2011-38, MFSA 2011-39, MFSA 2011-40, MFSA 2011-41, MFSA 2011-42, MFSA 2011-43, MFSA 2011-44, MFSA 2011-45, MFSA 2012-02, openSUSE-SU-2011:1076-1, openSUSE-SU-2011:1076-2, openSUSE-SU-2011:1076-3, openSUSE-SU-2011:1077-1, openSUSE-SU-2011:1079-1, openSUSE-SU-2011:1290-1, openSUSE-SU-2012:0567-1, RHSA-2011:1344-01, SUSE-SU-2011:1096-1, VIGILANCE-VUL-11024
Thunderbird 5, 6: several vulnerabilities
Several vulnerabilities of Thunderbird can be used by an attacker to execute code on victim's computer...
BID-49800, BID-49808, BID-49810, BID-49811, BID-49812, BID-49837, BID-49845, BID-49848, BID-49849, BID-49850, BID-51786, CERTA-2003-AVI-005, CERTA-2011-AVI-537, CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2997, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3005, CVE-2011-3232, CVE-2011-3670, DSA-2317-1, FEDORA-2011-13442, FEDORA-2011-13450, MDVSA-2011:140, MDVSA-2011:142, MFSA 2011-36, MFSA 2011-38, MFSA 2011-39, MFSA 2011-40, MFSA 2011-42, MFSA 2011-44, MFSA 2012-02, openSUSE-SU-2011:1076-1, openSUSE-SU-2011:1076-2, openSUSE-SU-2011:1077-1, openSUSE-SU-2011:1079-1, openSUSE-SU-2012:0567-1, RHSA-2011:1342-01, RHSA-2011:1343-01, SUSE-SU-2011:1096-1, VIGILANCE-VUL-11023
Firefox 3: several vulnerabilities
Several vulnerabilities of Firefox can be used by an attacker to execute code on victim's computer...
BID-49800, BID-49809, BID-49810, BID-49811, BID-49812, BID-49837, BID-49845, BID-49848, BID-49849, CERTA-2003-AVI-005, CERTA-2011-AVI-537, CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2997, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3867-REJECT, DSA-2313-1, MDVSA-2011:139, MFSA 2011-36, MFSA 2011-37, MFSA 2011-38, MFSA 2011-39, MFSA 2011-40, openSUSE-SU-2011:1076-1, openSUSE-SU-2011:1076-2, openSUSE-SU-2011:1077-1, openSUSE-SU-2011:1079-1, openSUSE-SU-2014:1100-1, RHSA-2011:1341-01, SUSE-SU-2011:1096-1, VIGILANCE-VUL-11018
FreeBSD: buffer overflow via Unix Socket
A local attacker can use a Unix socket, in order to create an overflow in the FreeBSD kernel...
BID-49862, CERTA-2002-AVI-275, CVE-2011-3633-REJECT, CVE-2011-4062, DSA-2325-1, FreeBSD-SA-11-05.unix, FreeBSD-SA-11:05.unix, VIGILANCE-VUL-11020
Quagga Routing Suite: five vulnerabilities
Five vulnerabilities in Quagga Routing Suite can be used by an attacker to create a denial of service or possibly to execute code...
BID-49784, CERTA-2003-AVI-005, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326, CVE-2011-3327, DSA-2316-1, FEDORA-2011-13499, FEDORA-2011-13504, openSUSE-SU-2011:1155-1, RHSA-2012:1258-01, RHSA-2012:1259-01, SUSE-SU-2011:1075-1, SUSE-SU-2011:1316-1, VIGILANCE-VUL-11015, VU#668534
SSL, TLS: obtaining HTTPS Cookies, BEAST
An attacker, who can control HTTPS connections of victim's web browser and which has a sufficient bandwidth, can use several SSL sessions in order to compute HTTP headers, such as cookies...
2588513, 2643584, 2655992, AST-2016-001, BID-49778, BID-54304, c03122753, CERTA-2012-AVI-381, CERTFR-2016-AVI-046, CERTFR-2019-AVI-311, CVE-2004-2770-REJECT, CVE-2011-3389, CVE-2012-1870, DSA-2368-1, DSA-2398-1, DSA-2398-2, FEDORA-2012-5916, FEDORA-2012-5924, FEDORA-2012-9135, FEDORA-2014-13764, FEDORA-2014-13777, HPSBUX02730, javacpuoct2011, MDVSA-2012:058, MDVSA-2012:096, MDVSA-2012:096-1, MDVSA-2012:097, MS12-006, MS12-049, openSUSE-SU-2012:0030-1, openSUSE-SU-2012:0063-1, openSUSE-SU-2012:0199-1, openSUSE-SU-2012:0229-1, openSUSE-SU-2012:0667-1, openSUSE-SU-2020:0086-1, RHSA-2012:0034-01, RHSA-2013:1455-01, RHSA-2013:1456-01, sk74100, sk86440, SOL13400, SSA-556833, SSRT100710, SUSE-SU-2012:0114-1, SUSE-SU-2012:0114-2, SUSE-SU-2012:0122-1, SUSE-SU-2012:0122-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, swg21568229, VIGILANCE-VUL-11014, VU#864643
Apache Tomcat: vulnerabilities of HTTP Digest authentication
Several vulnerabilities of the HTTP Digest authentication implementation of Apache Tomcat weaken this algorithm...
BID-49762, CERTA-2012-AVI-066, CVE-2011-1184, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064, DSA-2401-1, FEDORA-2011-15005, MDVSA-2011:156, openSUSE-SU-2012:0208-1, PSN-2012-05-584, RHSA-2011:1780-01, RHSA-2011:1845-01, RHSA-2012:0041-01, RHSA-2012:0074-01, RHSA-2012:0075-01, RHSA-2012:0076-01, RHSA-2012:0077-01, RHSA-2012:0078-01, RHSA-2012:0091-01, RHSA-2012:0325-01, RHSA-2012:0679-01, RHSA-2012:0680-01, RHSA-2012:0681-01, RHSA-2012:0682-01, SUSE-SU-2012:0155-1, VIGILANCE-VUL-11011
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Stretch: