Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Debian Security Updates
Posted by philipp on: 04/19/2003 09:06 AM [ Print | 0 comment(s) ]
3 new security updates for Debian GNU/Linux are available:
DSA-290-1 sendmail-wide -- char-to-int conversion
Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This problem is potentially remotely exploitable.
Read more
DSA-289-1 rinetd -- incorrect memory resizing
Sam Hocevar discovered a security problem in rinetd, an IP connection redirection server. When the connection list is full, rinetd resizes the list in order to store the new incoming connection. However, this is done improperly, resulting in a denial of service and potentially execution of arbitrary code.
Read more
DSA-288-1 openssl -- several vulnerabilities
Researchers discovered two flaws in OpenSSL, a Secure Socket Layer (SSL) library and related cryptographic tools. Applications that are linked against this library are generally vulnerable to attacks that could leak the server's private key or make the encrypted session decryptable otherwise.
Read more
DSA-290-1 sendmail-wide -- char-to-int conversion
Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This problem is potentially remotely exploitable.
Read more
DSA-289-1 rinetd -- incorrect memory resizing
Sam Hocevar discovered a security problem in rinetd, an IP connection redirection server. When the connection list is full, rinetd resizes the list in order to store the new incoming connection. However, this is done improperly, resulting in a denial of service and potentially execution of arbitrary code.
Read more
DSA-288-1 openssl -- several vulnerabilities
Researchers discovered two flaws in OpenSSL, a Secure Socket Layer (SSL) library and related cryptographic tools. Applications that are linked against this library are generally vulnerable to attacks that could leak the server's private key or make the encrypted session decryptable otherwise.
Read more
Related Threads
07/26/2006 06:14 PM: Help connecting Linksys BEFCMU10 USB modem (debian sarge) (3) by danleff
03/06/2006 12:29 AM: Mythtv and Debian Sarge (3) by hjs11
10/20/2005 01:21 PM: getting X in Debian Sarge (2) by iamroot
10/29/2004 09:30 PM: Geforce4 Debian Support ! (3) by danleff
04/22/2004 01:49 PM: Debian Sarge - apt-get DVD/CD issue (3) by Philipp
07/28/2003 08:02 PM: Debian sid DVD iso cd1 (2) by Admiral LSD
03/11/2003 08:42 PM: GeForce 4 Debian support (7) by clutch
12/05/2002 11:21 PM: Nvidia drivers break Xfree 4.2.1 in debian Sid (4) by mksoccer
03/06/2006 12:29 AM: Mythtv and Debian Sarge (3) by hjs11
10/20/2005 01:21 PM: getting X in Debian Sarge (2) by iamroot
10/29/2004 09:30 PM: Geforce4 Debian Support ! (3) by danleff
04/22/2004 01:49 PM: Debian Sarge - apt-get DVD/CD issue (3) by Philipp
07/28/2003 08:02 PM: Debian sid DVD iso cd1 (2) by Admiral LSD
03/11/2003 08:42 PM: GeForce 4 Debian support (7) by clutch
12/05/2002 11:21 PM: Nvidia drivers break Xfree 4.2.1 in debian Sid (4) by mksoccer