The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Stretch

Linux kernel: denial of service via GRO frag0
When GRO is enabled, an attacker can send numerous packets in order to stop the system...
BID-48929, CVE-2011-2723, DSA-2303-1, DSA-2303-2, FEDORA-2011-12874, openSUSE-SU-2012:0206-1, openSUSE-SU-2012:0236-1, PSN-2012-11-767, RHSA-2011:1321-01, RHSA-2011:1350-01, RHSA-2011:1386-01, RHSA-2011:1408-01, RHSA-2012:0010-01, VIGILANCE-VUL-10879
TYPO3: several vulnerabilities
Several vulnerabilities in TYPO3 can be used by an attacker to obtain information, to elevate privileges, or to create a denial of service...
BID-49072, CERTA-2003-AVI-037, DSA-2289-1, TYPO3-CORE-SA-2011-001, VIGILANCE-VUL-10875
Samba: two vulnerabilities of SWAT
An attacker can use two vulnerabilities in the Samba Web Administration Tool to perform a Cross-Site Request Forgery and a Cross-Site Scripting...
8289, 8290, 8347, BID-48899, BID-48901, c03297338, CERTA-2011-AVI-416, CERTA-2011-AVI-493, CERTA-2012-AVI-232, CVE-2011-2522, CVE-2011-2694, DSA-2290-1, FEDORA-2011-10341, FEDORA-2011-10367, HPSBUX02768, MDVSA-2011:121, openSUSE-SU-2011:0998-1, RHSA-2011:1219-01, RHSA-2011:1220-01, RHSA-2011:1221-01, SSA:2011-210-03, SSRT100664, SUSE-SU-2011:0981-1, SUSE-SU-2011:0999-1, SUSE-SU-2011:1001-1, SUSE-SU-2011:1002-1, VIGILANCE-VUL-10871
phpMyAdmin: four vulnerabilities
An attacker can use four vulnerabilities in phpMyAdmin to obtain information or to execute code...
BID-48874, CERTA-2003-AVI-037, CERTA-2011-AVI-411, CVE-2011-2642, CVE-2011-2643, CVE-2011-2718, CVE-2011-2719, DSA-2286-1, FEDORA-2011-9725, FEDORA-2011-9734, MDVSA-2011:124, PMASA-2011-10, PMASA-2011-11, PMASA-2011-12, PMASA-2011-9, TYPO3-EXT-SA-2011-001, VIGILANCE-VUL-10867
Linux kernel: memory corruption via si4713
A local attacker can use the si4713 radio driver to corrupt memory, which leads to a denial of service or to code execution...
BID-48804, CVE-2011-2700, DSA-2303-1, DSA-2303-2, openSUSE-SU-2012:0799-1, openSUSE-SU-2012:1439-1, SUSE-SA:2011:038, SUSE-SU-2011:0984-1, SUSE-SU-2011:0984-2, SUSE-SU-2011:0984-3, VIGILANCE-VUL-10860
Linux kernel: buffer overflow via auerswald_probe
An attacker with physical access can plug in a malicious USB device to create an overflow in the Auerswald driver, which causes a denial of service or leads to code execution...
BID-48687, CERTA-2003-AVI-005, CVE-2009-4067, DSA-2310-1, RHSA-2011:1386-01, SUSE-SA:2011:042, SUSE-SU-2011:1195-1, VIGILANCE-VUL-10845
libsndfile: integer overflow via PAF
An attacker can create a malicious PAF file and invite the victim to open it, in order to cause a denial of service in applications linked to libsndfile...
CERTA-2003-AVI-037, CVE-2011-2696, DSA-2288-1, FEDORA-2011-9319, FEDORA-2011-9325, MDVSA-2011:119, openSUSE-SU-2011:0854-1, openSUSE-SU-2011:0855-1, RHSA-2011:1084-01, SUSE-SU-2011:0856-1, VIGILANCE-VUL-10843
Apache Tomcat: denial of service via sendfile
A malicious web application can use sendfile() to bypass the file access restrictions defined by SecurityManager...
BID-48667, c03090723, CVE-2011-2526, DSA-2401-1, HPSBUX02725, MDVSA-2011:156, PSN-2012-05-584, RHSA-2011:1780-01, RHSA-2012:0041-01, RHSA-2012:0074-01, RHSA-2012:0075-01, RHSA-2012:0076-01, RHSA-2012:0077-01, RHSA-2012:0078-01, RHSA-2012:0091-01, RHSA-2012:0325-01, RHSA-2012:0679-01, RHSA-2012:0680-01, RHSA-2012:0681-01, RHSA-2012:0682-01, SSRT100627, VIGILANCE-VUL-10842
QEMU: privileges not dropped with runas
When QEMU is called with the "-runas" option, it continues running with root supplementary groups...
807893, BID-48659, CERTA-2003-AVI-037, CVE-2011-2527, DSA-2282-1, FEDORA-2012-8592, FEDORA-2012-8604, openSUSE-SU-2012:0207-1, RHSA-2011:1531-03, VIGILANCE-VUL-10838
Apache httpd: SQL injection via mod_authnz_external
When Apache httpd uses the mod_authnz_external module, an attacker can use a malicious login name to inject a SQL query into the MySQL database...
BID-48653, CERTA-2003-AVI-004, CVE-2011-2688, DSA-2279-1, VIGILANCE-VUL-10836