Secunia - Stay Secure
Gartner
Home Corporate Website Jobs Updated Mailing Lists RSS Blog  Online Shop Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


Debian Update für iceweasel Advisory Available in English 

Secunia Advisory: SA29616  
Herausgegeben: 2008-03-31

Gefahrenstufe:
Sehr kritisch
Auswirkung: Sicherheitsumgehung
Cross-Site-Scripting
Spoofing
Enthüllung von sensiblen Informationen
Systemzugriff
Von Wo: Aus dem Internet
Lösungsstatus: Hersteller-Patch

OS:Debian GNU/Linux 4.0


CVE reference:CVE-2007-4879 (Secunia mirror)
CVE-2008-1233 (Secunia mirror)
CVE-2008-1234 (Secunia mirror)
CVE-2008-1235 (Secunia mirror)
CVE-2008-1236 (Secunia mirror)
CVE-2008-1237 (Secunia mirror)
CVE-2008-1238 (Secunia mirror)
CVE-2008-1240 (Secunia mirror)
CVE-2008-1241 (Secunia mirror)
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!


Beschreibung:
Debian hat ein Update für iceweasel herausgegeben. Dieses behebt einige Sicherheitslücken, die böswillige Personen potenziell ausnutzen können, um bestimmte Sicherheitsrestriktionen zu umgehen, potenziell sensible Informationen zu enthüllen, Cross-Site-Scripting- und Phishing-Attacken durchzuführen und potenziell das System eines Benutzers zu kompromittieren.

Weitere Informationen:
SA29526

Lösung:
Installieren Sie aktualisierte Pakete.

-- Debian 4.0 (stable) --

Source archives:

http://security.debian.org/pool/updat...sel/iceweasel_2.0.0.13-0etch1.diff.gz
Size/MD5 checksum: 186301 53f3006d2e0e33c5c3b9b2e5455dceda
http://security.debian.org/pool/updat...eweasel/iceweasel_2.0.0.13-0etch1.dsc
Size/MD5 checksum: 1289 4cae6173a998d828c2482342990d278a
http://security.debian.org/pool/updat...weasel/iceweasel_2.0.0.13.orig.tar.gz
Size/MD5 checksum: 43550925 d9581b7ecfadc75faab6745b27f153fb

Architecture independent packages:

http://security.debian.org/pool/updat...dom-inspector_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 54124 1c174b651e317df30e5fdeba88d0ec55
http://security.debian.org/pool/updat...easel/firefox_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 54384 5edb0209f67852029483cbcba18f5c92
http://security.debian.org/pool/updat...dom-inspector_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 54274 7b8c2847eccc00fe3fd8b867e9d71acf
http://security.debian.org/pool/updat...gnome-support_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 54242 92384349e31851e1b0119552cb07f44d
http://security.debian.org/pool/updat...gnome-support_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 54124 45d17d43f0b99aeb176375edd4c75d76
http://security.debian.org/pool/updat...dom-inspector_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 239444 393dcf03f5b94cf95be68525b89492bf
http://security.debian.org/pool/updat...zilla-firefox_2.0.0.13-0etch1_all.deb
Size/MD5 checksum: 54914 6540e2954f40e3bc63bf74bc4fd8b674

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...l/iceweasel_2.0.0.13-0etch1_amd64.deb
Size/MD5 checksum: 10194518 754786f9c4fdc37b85cf89834e9cbdb5
http://security.debian.org/pool/updat...eweasel-dbg_2.0.0.13-0etch1_amd64.deb
Size/MD5 checksum: 50099150 ca0f49a7edcb77cbdd7cad9f6d0ea069
http://security.debian.org/pool/updat...ome-support_2.0.0.13-0etch1_amd64.deb
Size/MD5 checksum: 87670 338c9a70618805a6ffb822269101b044

arm architecture (ARM)

http://security.debian.org/pool/updat...sel/iceweasel_2.0.0.13-0etch1_arm.deb
Size/MD5 checksum: 9243714 c57fc912cd587993569f30cca27ece6c
http://security.debian.org/pool/updat...iceweasel-dbg_2.0.0.13-0etch1_arm.deb
Size/MD5 checksum: 49186638 1574200afef731f356faf15092f2721a
http://security.debian.org/pool/updat...gnome-support_2.0.0.13-0etch1_arm.deb
Size/MD5 checksum: 81406 c80e04d7cb727b3cdb2144819bf7f028

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...nome-support_2.0.0.13-0etch1_i386.deb
Size/MD5 checksum: 81770 8b584c2e16fc0eb7bd8c11d27a68f8e5
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.13-0etch1_i386.deb
Size/MD5 checksum: 9107570 8ac43d77b6449acbecd281b1e5f2e9ac
http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.13-0etch1_i386.deb
Size/MD5 checksum: 49495882 81830f6ad26fa886669d90b887433e77

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...nome-support_2.0.0.13-0etch1_ia64.deb
Size/MD5 checksum: 99988 d28403a679b81194e3f65e1b1cec1220
http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.13-0etch1_ia64.deb
Size/MD5 checksum: 50453990 eb2fc53f839647fb1584012b126b661b
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.13-0etch1_ia64.deb
Size/MD5 checksum: 14130102 d8e18be59e8d5c800e606ae69708f124

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.13-0etch1_mips.deb
Size/MD5 checksum: 53881214 78264349841c07851ae9077e12506456
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.13-0etch1_mips.deb
Size/MD5 checksum: 11049744 2b030d2cfc9cc25127a83a27a3acb180
http://security.debian.org/pool/updat...nome-support_2.0.0.13-0etch1_mips.deb
Size/MD5 checksum: 82892 413e9bbb536e91cb9374bc7660034f43

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat.../iceweasel_2.0.0.13-0etch1_mipsel.deb
Size/MD5 checksum: 10750920 c4f9f270a9dc3bb9a4c7fb653672ca61
http://security.debian.org/pool/updat...weasel-dbg_2.0.0.13-0etch1_mipsel.deb
Size/MD5 checksum: 52448404 2adcb659d1f1eacbe089e6ecf5c1a577
http://security.debian.org/pool/updat...me-support_2.0.0.13-0etch1_mipsel.deb
Size/MD5 checksum: 82932 cf40c0bddc35bbcc0ad25bdd5b75cc70

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...easel-dbg_2.0.0.13-0etch1_powerpc.deb
Size/MD5 checksum: 51896022 22d862ee8df86400f7cf1e92fcbe8299
http://security.debian.org/pool/updat...e-support_2.0.0.13-0etch1_powerpc.deb
Size/MD5 checksum: 83486 3cfbd6d6e50cba5ee0f9f2a64c582bbb
http://security.debian.org/pool/updat...iceweasel_2.0.0.13-0etch1_powerpc.deb
Size/MD5 checksum: 9925618 b0790a2eaa530ae0c14cf3e4e087c156

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...nome-support_2.0.0.13-0etch1_s390.deb
Size/MD5 checksum: 87860 6cf8c562ea26ef6b4966990380d0dbaa
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.13-0etch1_s390.deb
Size/MD5 checksum: 10344926 36b3aa8464d05e8f62c7526df1edb90d
http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.13-0etch1_s390.deb
Size/MD5 checksum: 50768124 95d62e4679469eda4932f22ef004e3e1

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updat...ome-support_2.0.0.13-0etch1_sparc.deb
Size/MD5 checksum: 81614 4c1326aaae9821365b4baab2c692e5f0
http://security.debian.org/pool/updat...l/iceweasel_2.0.0.13-0etch1_sparc.deb
Size/MD5 checksum: 9129464 dc5b96ef06e08ee830411f043ead9836
http://security.debian.org/pool/updat...eweasel-dbg_2.0.0.13-0etch1_sparc.deb
Size/MD5 checksum: 49108664 fee19c03f569025e398d02e1c63af3c4

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00104.html

Andere Referenzen:
SA29526:
http://secunia.com/advisories/29526/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

315 Related Secunia Security Advisories, displaying 10

1. Debian Update für ruby1.8
2. Debian Update für libgd2
3. Debian Update für afuse
4. Debian Update für gaim
5. Debian Update für lighttpd
6. Debian Update für iceweasel
7. Debian Update für mysql-dfsg-5.0
8. Debian Update für poppler
9. Debian bind DNS-Cache-Poisoning Sicherheitslücke
10. Debian Update für bind9

Show all related advisories


Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.








Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
Linux Kernel LDT Buffer Size Handling Vulnerability
2.
Drupal Session Fixation Vulnerability
3.
OpenBSD BIND Query Port DNS Cache Poisoning
4.
Red Hat update for kernel
5.
Ubuntu update for php
6.
IPCop update for perl
7.
Debian update for xulrunner
8.
Slackware update for dnsmasq
9.
Debian update for cupsys
10.
Apple Safari Cross-Domain Cookie Injection Vulnerability





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia