The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of TurboLinux

gunzip: code execution via LZW
An attacker can create a malicious compressed ".Z" archive, in order to execute code on computers of victims opening it with gunzip...
BID-37886, CVE-2010-0001, DSA-1974-1, DSA-2074-1, FEDORA-2010-0884, FEDORA-2010-0964, MDVSA-2010:019, MDVSA-2010:020, MDVSA-2011:152, RHSA-2010:0061-02, SSA:2010-060-03, TLSA-2010-6, VIGILANCE-VUL-9365, VMSA-2010-0009, VMSA-2010-0009.1
gunzip: code execution via Huffman
An attacker can create a malicious compressed ".gz" archive, in order to execute code on computers of victims opening it with gunzip...
507263, BID-37888, CERTA-2010-AVI-028, CVE-2009-2624, FEDORA-2010-0884, FEDORA-2010-0964, MDVSA-2010:020, TLSA-2010-6, VIGILANCE-VUL-9364
BIND: cache poisoning with NXDOMAIN
A remote attacker can send a malicious DNS NXDOMAIN reply, in order to poison the cache of a server with DNSSEC enabled...
275890, 6916058, BID-37865, c02097674, CERTA-2010-AVI-020, CVE-2010-0097, DSA-2054-1, DSA-2054-2, FEDORA-2010-0861, FEDORA-2010-0868, HPSBUX02519, IV09491, IV09978, IV10049, IV11742, IV11743, IV11744, MDVSA-2010:021, RHSA-2010:0062-02, SOL17025, SSA:2010-176-01, SSRT100004, TLSA-2010-5, VIGILANCE-VUL-9362, VMSA-2010-0009, VMSA-2010-0009.1, VU#360341
BIND: cache poisoning with DNSSEC
A remote attacker can send a malicious DNS request/reply, in order to poison the cache of a recursive server with DNSSEC enabled...
275890, 2828, 2831, 6916058, c02263226, CVE-2009-4022-ERROR, CVE-2010-0290, CVE-2010-0382, DSA-2054-1, DSA-2054-2, FEDORA-2010-0861, FEDORA-2010-0868, HPSBUX02546, IV09491, IV09978, IV10049, IV11742, IV11743, IV11744, MDVSA-2010:021, RHSA-2010:0062-02, RT #20737, RT #20819, SOL15787, SSRT100159, TLSA-2010-5, VIGILANCE-VUL-9361, VMSA-2010-0009, VMSA-2010-0009.1, VU#418861
BIND: cache poisoning with DNSSEC
A remote attacker can send a malicious DNS request/reply, in order to poison the cache of a recursive server with DNSSEC enabled...
273169, 6902912, BID-37118, c02263226, CERTA-2009-AVI-515, CERTA-2010-AVI-044, CVE-2009-4022, DSA-1961-1, FEDORA-2009-12218, FEDORA-2009-12233, FreeBSD-SA-10:01.bind, HPSBUX02546, MDVSA-2009:304, MDVSA-2009:313-1, RHSA-2009:1620-01, SSA:2009-336-01, SSA:2010-176-01, SSRT100159, SUSE-SA:2009:059, TLSA-2009-33, VIGILANCE-VUL-9224, VMSA-2010-0004, VMSA-2010-0004.1, VMSA-2010-0004.2, VMSA-2010-0004.3, VU#418861
OpenSSL: memory leak of CRYPTO_cleanup_all_ex_data
An attacker can generate a memory leak in some applications using the OpenSSL CRYPTO_cleanup_all_ex_data() function...
c02079216, CVE-2009-4355, DSA-1970-1, FEDORA-2010-5357, HPSBUX02517, MDVSA-2010:022, PSN-2012-11-767, RHSA-2010:0054-01, SSA:2010-060-02, SSRT100058, TLSA-2010-4, VIGILANCE-VUL-9348, VMSA-2010-0009, VMSA-2010-0009.1
Sendmail: truncation of X.509 with null
When Sendmail uses certificates, an attacker can send a X.509 certificate with a Subject/Issuer field containing a null character, in order to bypass access restrictions...
275870, 6913961, BID-37543, c02009860, CERTA-2010-AVI-123, CVE-2009-4565, DSA-1985-1, FEDORA-2010-5399, FEDORA-2010-5470, HPSBUX02508, IZ72510, IZ72515, IZ72526, IZ72528, IZ72539, IZ72602, MDVSA-2010:003, RHSA-2010:0237-05, RHSA-2011:0262-01, SSRT100007, SUSE-SR:2010:006, TLSA-2010-3, VIGILANCE-VUL-9321
Firefox, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox and SeaMonkey can be used by an attacker to execute code on victim's computer...
293347, 457514, 468771, 470487, 479931, 487872, 494617, 495875, 503451, 504613, 504843, 506267, 510518, 513981, 514232, 514999, 515811, 515882, 516237, 521461, 522374, 522430, 523816, 524121, BID-37349, BID-37360, BID-37361, BID-37362, BID-37363, BID-37364, BID-37365, BID-37366, BID-37367, BID-37368, BID-37369, BID-37370, CERTA-2009-AVI-547, CERTA-2010-AVI-024, CVE-2009-3388, CVE-2009-3389, CVE-2009-3979, CVE-2009-3980, CVE-2009-3981, CVE-2009-3982, CVE-2009-3983, CVE-2009-3984, CVE-2009-3985, CVE-2009-3986, CVE-2009-3987, DSA-1956-1, FEDORA-2010-7100, MDVSA-2009:338, MDVSA-2009:339, MFSA 2009-65, MFSA 2009-66, MFSA 2009-67, MFSA 2009-68, MFSA 2009-69, MFSA 2009-70, MFSA 2009-71, RHSA-2009:1673-01, RHSA-2009:1674-01, SSA:2009-351-01, SSA:2009-352-01, SUSE-SA:2009:063, SUSE-SR:2009:020, SUSE-SR:2010:013, TLSA-2009-35, TLSA-2010-1, VIGILANCE-VUL-9292
PostgreSQL: two vulnerabilities
An attacker can use two vulnerabilities of PostgreSQL, in order to access to user's data...
274870, 6909139, 6909140, 6909142, BID-37333, BID-37334, c03333585, CERTA-2009-AVI-546, CVE-2009-4034, CVE-2009-4136, DSA-1964-1, FEDORA-2009-13363, FEDORA-2009-13381, HPSBMU02781, MDVSA-2009:333, RHSA-2010:0427-01, RHSA-2010:0428-01, RHSA-2010:0429-01, SSRT100617, SUSE-SR:2010:001, TLSA-2010-2, VIGILANCE-VUL-9285
Adobe Flash Player: several vulnerabilities
Several Adobe Flash Player vulnerabilities can be used by an attacker to execute code or to obtain information...
274250, 6908614, APSB09-19, BID-37199, BID-37266, BID-37267, BID-37269, BID-37270, BID-37272, BID-37273, BID-37275, CERTA-2009-AVI-541, CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800, CVE-2009-3951, RHSA-2009:1657-01, RHSA-2009:1658-01, SUSE-SA:2009:062, TLSA-2009-34, VIGILANCE-VUL-9256, ZDI-09-092, ZDI-09-093
Our database contains other pages. You can request a free trial to read them.

Display information about TurboLinux: