The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian Wheezy

libopie: overflow of one byte
An attacker can use a special login name, in order to generate an overflow of one byte in applications linked to libopie, leading to a denial of service, and possibly to code execution...
BID-40403, CERTA-2003-AVI-037, CERTA-2010-AVI-233, CVE-2010-1938, DSA-2281-1, FreeBSD-SA-10:05.opie, VIGILANCE-VUL-9670
ProFTPD, BSD, Solaris: Cross Site Request Forgery of FTP
An attacker can use a CSRF in order to execute FTP commands with privileges of the victim seeing an HTML page...
BID-31289, BID-40320, CERTA-2002-AVI-217, CERTA-2008-AVI-471, cpujul2010, CVE-2008-4242, CVE-2008-4247, DSA-1689-1, FEDORA-2009-0064, FEDORA-2009-0089, FEDORA-2009-0195, FreeBSD-SA-08:12.ftpd, FreeBSD-SA-09:01.lukemftpd, MDVSA-2009:061, NetBSD-SA2008-014, VIGILANCE-VUL-8123
Cacti: three Cross Site Scripting
Three Cross Site Scripting of Cacti can be used by an attacker in order to execute JavaScript code in the context of the web site...
BID-40332, CVE-2010-1644, DSA-2384-1, DSA-2384-2, FEDORA-2010-9036, FEDORA-2010-9047, FEDORA-2010-9062, MDVSA-2010:160, RHSA-2010:0635-01, VIGILANCE-VUL-9660
Perl: bypassing Safe.pm via sub references
An attacker can use a reference on a subroutine, in order to bypass restrictions imposed by the Safe.pm module of Perl...
588269, BID-40305, CVE-2010-1447, DSA-2267-1, FEDORA-2010-11323, FEDORA-2010-11340, MDVSA-2010:115, openSUSE-SU-2010:0518-1, openSUSE-SU-2010:0519-1, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, RHSA-2010:0457-01, RHSA-2010:0458-02, SUSE-SR:2010:016, VIGILANCE-VUL-9658, VMSA-2010-0013, VMSA-2010-0013.1, VMSA-2010-0013.2, VMSA-2010-0013.3
PostgreSQL: five vulnerabilities
An attacker can use five vulnerabilities of PostgreSQL, in order to execute code or to generate a denial of service...
BID-40215, BID-40304, BID-40305, c03333585, CERTA-2010-AVI-214, CVE-2010-1169, CVE-2010-1170, CVE-2010-1447, CVE-2010-1975, DSA-2051-1, FEDORA-2010-15870, FEDORA-2010-16004, FEDORA-2010-8696, FEDORA-2010-8715, FEDORA-2010-8723, HPSBMU02781, MDVSA-2010:103, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, RHSA-2010:0427-01, RHSA-2010:0428-01, RHSA-2010:0429-01, RHSA-2010:0430-01, SSRT100617, SUSE-SR:2010:014, SUSE-SR:2010:016, VIGILANCE-VUL-9647
Cacti: four Cross Site Scripting
Four Cross Site Scripting of Cacti can be used by an attacker in order to execute JavaScript code in the context of the web site...
BID-37109, CVE-2009-4032, DSA-1954-1, FEDORA-2009-12560, FEDORA-2009-12575, RHSA-2010:0635-01, SUSE-SR:2009:020, VIGILANCE-VUL-9656
MySQL: deleting a MyISAM table
When a MySQL database uses the MyISAM engine, an attacker can delete a table or an index...
BID-40257, CERTA-2013-AVI-543, CVE-2010-1626, DSA-2057-1, MDVSA-2010:101, openSUSE-SU-2010:0730-1, openSUSE-SU-2010:0731-1, RHSA-2010:0442-01, SUSE-SR:2010:019, SUSE-SR:2010:021, VIGILANCE-VUL-9652
MIT krb5: denial of service via GSS-API
An authenticated attacker can send a malicious GSS-API token, in order to stop some MIT krb5 applications...
BID-40235, c02257427, CVE-2010-1321, DSA-2052-1, FEDORA-2010-8749, FEDORA-2010-8796, FEDORA-2010-8805, HPSBUX02544, MDVSA-2010:100, MDVSA-2010:129, MDVSA-2010:130, MITKRB5-SA-2010-005, RHSA-2010:0423-01, SSRT100107, SUSE-SR:2010:013, SUSE-SR:2010:014, SUSE-SR:2010:015, SUSE-SR:2010:019, SUSE-SR:2011:008, VIGILANCE-VUL-9651, VMSA-2010-0013, VMSA-2010-0013.1, VMSA-2010-0013.2, VMSA-2010-0013.3, VMSA-2010-0016, VMSA-2010-0016.1
MySQL: four vulnerabilities
Four vulnerabilities of MySQL can be used by a local attacker in order to access to tables, to execute code, or to generate a denial of service...
48419, 50974, 53237, 53371, BID-40100, BID-40106, BID-40109, CERTA-2010-AVI-223, CVE-2010-1848, CVE-2010-1849, CVE-2010-1850, DSA-2057-1, FEDORA-2010-9016, FEDORA-2010-9053, FEDORA-2010-9061, MDVSA-2010:107, openSUSE-SU-2010:0730-1, openSUSE-SU-2010:0731-1, RHSA-2010:0442-01, RHSA-2010:0824-01, SUSE-SR:2010:019, SUSE-SR:2010:021, VIGILANCE-VUL-9644
Cacti: SQL injection via rra_id
An attacker can use the rra_id variable, in order to inject SQL code in the Cacti database...
BID-40149, CERTA-2002-AVI-268, CVE-2010-2092, DSA-2060-1, FEDORA-2010-9036, FEDORA-2010-9047, FEDORA-2010-9062, MDVSA-2010:117, MOPS-2010-023, RHSA-2010:0635-01, VIGILANCE-VUL-9642
Our database contains other pages. You can request a free trial to read them.

Display information about Debian Wheezy: