Computer vulnerabilities of Debian Wheezy

Wireshark: denials of service
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
BID-36408, BID-36591, CERTA-2009-AVI-388, CERTA-2009-AVI-394, CERTA-2010-AVI-035, CVE-2009-2562, CVE-2009-2563, CVE-2009-3241, CVE-2009-3243, CVE-2009-3829, DSA-1942-1, FEDORA-2009-7998, FEDORA-2009-9837, MDVSA-2009:270, MDVSA-2009:292, MDVSA-2009:292-1, RHSA-2010:0360-01, SUSE-SR:2009:016, SUSE-SR:2009:020, SUSE-SR:2010:007, VIGILANCE-VUL-9026, VU#676492, wnpa-sec-2009-05, wnpa-sec-2009-06

Linux kernel: reading registers on x86_64
On a x86_64 processor, a local attacker can read registers R8 to R11...
BID-36576, CERTA-2002-AVI-244, CVE-2009-2910, DSA-1915-1, DSA-1928-1, FEDORA-2009-10525, RHSA-2009:1540-01, RHSA-2009:1671-01, RHSA-2010:0046-01, SA:2009:051, SUSE-SA:2009:054, SUSE-SA:2009:055, SUSE-SA:2009:056, SUSE-SA:2009:060, SUSE-SA:2010:012, SUSE-SU-2011:0928-1, VIGILANCE-VUL-9067, VMSA-2010-0009, VMSA-2010-0009.1

Samba: several vulnerabilities
An attacker can use several vulnerabilities of Samba, in order to access to files, or to generate a denial of service...
271069, 6888097, BID-36363, BID-36572, BID-36573, c01940841, CERTA-2009-AVI-420, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948, DSA-1908-1, FEDORA-2009-10172, FEDORA-2009-10180, HPSBUX02479, MDVSA-2009:277, MDVSA-2009:282-1, MDVSA-2009:320, RHSA-2009:1528-01, RHSA-2009:1529-01, RHSA-2009:1585-01, SSA:2009-276-01, SSRT090212, SUSE-SR:2009:017, VIGILANCE-VUL-9065, VMSA-2010-0006, VMSA-2010-0006.1

Newt: buffer overflow of Textbox
An attacker can invite the victim to display malicious text data with an application linked with Newt, in order to execute code on his computer...
BID-36515, CERTA-2010-AVI-106, CVE-2009-2905, DSA-1894-1, FEDORA-2009-9957, FEDORA-2009-9961, MDVSA-2009:249, MDVSA-2009:249-1, RHSA-2009:1463-01, SUSE-SR:2009:017, VIGILANCE-VUL-9048, VMSA-2010-0004, VMSA-2010-0004.1, VMSA-2010-0004.2, VMSA-2010-0004.3

Linux kernel: privilege elevation via O_EXCL and NFSv4
An attacker can edit some files created on a NFSv4 share, in order to obtain privileges of a user...
524520, BID-36472, CERTA-2002-AVI-244, CVE-2009-3286, DSA-1915-1, DSA-1928-1, DSA-1929-1, RHSA-2009:1548-01, SUSE-SA:2009:060, SUSE-SA:2010:012, VIGILANCE-VUL-9035, VMSA-2010-0004, VMSA-2010-0004.1, VMSA-2010-0004.2, VMSA-2010-0004.3, VMSA-2010-0009, VMSA-2010-0009.1

Apache httpd: sending FTP commands via mod_proxy_ftp
An authenticated attacker can use mod_proxy_ftp to send FTP commands to a remote FTP server...
c02160663, c03236227, CVE-2009-3095, DSA-1934-1, FEDORA-2009-12606, FEDORA-2009-12747, HPSBMU02753, HPSBUX02531, MDVSA-2009:240, MDVSA-2009:323, RHSA-2009:1461-01, RHSA-2009:1579-02, RHSA-2009:1580-02, RHSA-2010:0011-01, RHSA-2010:0602-02, SSA:2010-024-01, SSRT100108, SSRT100782, SUSE-SA:2009:050, TLSA-2009-30, VIGILANCE-VUL-9038

Horde: several vulnerabilities
Three vulnerabilities of Horde can be used by an attacker in order to create files or to generate a Cross Site Scripting...
8311, 8399, CVE-2009-3236, CVE-2009-3237, DSA-1897-1, DSA-1966-1, FEDORA-2010-5483, FEDORA-2010-5520, FEDORA-2010-5563, SUSE-SR:2010:004, VIGILANCE-VUL-9022

Linux kernel: denial of service via hypercalls
On a x86 processor, an attacker located in a KVM guest system can use a MMU hypercall, in order to stop the system...
BID-36512, CVE-2009-3290, DSA-1907-1, DSA-1915-1, FEDORA-2009-10165, FEDORA-2009-11032, FEDORA-2009-11038, MDVSA-2009:289, RHSA-2009:1465-01, VIGILANCE-VUL-9033

PHP 5.2: several vulnerabilities
An attacker can use several vulnerabilities of PHP in order to create a denial of service or to execute code...
BID-36449, BID-37138, c02247738, CERTA-2009-AVI-510, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3294, CVE-2009-4018, DSA-1940-1, HPSBUX02543, MDVSA-2009:246, MDVSA-2009:247, MDVSA-2009:248, MDVSA-2009:304, MDVSA-2009:324, RHSA-2010:0040-01, SSA:2009-276-02, SSRT100152, SUSE-SR:2009:017, VIGILANCE-VUL-9031

FreeBSD, Linux, NetBSD: integer overflow of strfmon
An attacker controlling the strfmon() format string can generate an integer overflow leading to a denial of service, and possibly to code execution...
BID-28479, BID-36443, CERTA-2008-AVI-603, CVE-2008-1391, CVE-2009-4880, CVE-2009-4881, DSA-2058-1, MDVSA-2010:111, MDVSA-2010:112, NetBSD-SA2008-006, openSUSE-SU-2010:0913-1, openSUSE-SU-2010:0914-1, SUSE-SA:2010:052, VIGILANCE-VUL-7709

Our database contains other pages. You can request a free trial to read them.

Display information about Debian Wheezy:

https://www.debian.org/