Secunia - Stay Secure
Home Corporate Website Jobs Updated Mailing Lists RSS Blog  Online Shop Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


Debian Update für iceweasel Advisory Available in English 

Secunia Advisory: SA31069  
Herausgegeben: 2008-07-14

Gefahrenstufe:
Sehr kritisch
Auswirkung: Sicherheitsumgehung
Cross-Site-Scripting
Spoofing
Enthüllung von Systeminformationen
Enthüllung von sensiblen Informationen
DoS
Systemzugriff
Von Wo: Aus dem Internet
Lösungsstatus: Hersteller-Patch

OS:Debian GNU/Linux 4.0


CVE reference:CVE-2008-2798 (Secunia mirror)
CVE-2008-2799 (Secunia mirror)
CVE-2008-2800 (Secunia mirror)
CVE-2008-2801 (Secunia mirror)
CVE-2008-2802 (Secunia mirror)
CVE-2008-2803 (Secunia mirror)
CVE-2008-2805 (Secunia mirror)
CVE-2008-2807 (Secunia mirror)
CVE-2008-2808 (Secunia mirror)
CVE-2008-2809 (Secunia mirror)
CVE-2008-2811 (Secunia mirror)
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!


Beschreibung:
Debian hat ein Update für iceweasel herausgegeben. Dieses behebt einige Sicherheitslücken, die böswillige Personen ausnutzen können, um Cross-Site-Scripting- und Spoofing-Attacken durchzuführen, bestimmte Sicherheitsrestriktionen zu umgehen, sensible Informationen zu enthüllen, oder potenziell das System eines Benutzers zu kompromittieren.

Weitere Informationen:
SA30911

Lösung:
Verwenden Sie die aktualisierten Pakete.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updat...weasel/iceweasel_2.0.0.15.orig.tar.gz
Size/MD5 checksum: 47244449 4fb7fdf128d5c8ce5e880510e58f5cfa
http://security.debian.org/pool/updat...eweasel/iceweasel_2.0.0.15-0etch1.dsc
Size/MD5 checksum: 1289 f29a9bb4fd9f71d203de489050e1f5f5
http://security.debian.org/pool/updat...sel/iceweasel_2.0.0.15-0etch1.diff.gz
Size/MD5 checksum: 186551 355acbaea7631bbfa0a1013902a7c82a

Architecture independent packages:

http://security.debian.org/pool/updat...zilla-firefox_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 55052 f166a298b2e71f4e478c01dc99e9601f
http://security.debian.org/pool/updat...dom-inspector_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 239592 281c8418a4d86ab976acf4fd65033606
http://security.debian.org/pool/updat...easel/firefox_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 54520 283777c2a1be7e90d85e7f900c085f40
http://security.debian.org/pool/updat...dom-inspector_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 54262 06e72fcbbe44c5d4125137786dfb8011
http://security.debian.org/pool/updat...gnome-support_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 54260 cb6f4ccf969394a3f5b650fb0f8de834
http://security.debian.org/pool/updat...gnome-support_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 54376 fe9ef4ef5de1b277d8a532aeaaaf5581
http://security.debian.org/pool/updat...dom-inspector_2.0.0.15-0etch1_all.deb
Size/MD5 checksum: 54412 2728ff70a7e5051d7dc5bb424ca17a79

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...eweasel-dbg_2.0.0.15-0etch1_amd64.deb
Size/MD5 checksum: 50156300 9ab61c77c9b1bb6af19448d2300b3277
http://security.debian.org/pool/updat...ome-support_2.0.0.15-0etch1_amd64.deb
Size/MD5 checksum: 87772 a3c3f310edeba4b18dfbb8880c8d76f9
http://security.debian.org/pool/updat...l/iceweasel_2.0.0.15-0etch1_amd64.deb
Size/MD5 checksum: 10202026 6017a343bcee74e5922218b25b00a9d9

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.15-0etch1_hppa.deb
Size/MD5 checksum: 50526254 29a44a85fd87708cc9c1f8a4bb10f346
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.15-0etch1_hppa.deb
Size/MD5 checksum: 11108034 8e9c155e5a4128bed37260c0ad7a0c1b
http://security.debian.org/pool/updat...nome-support_2.0.0.15-0etch1_hppa.deb
Size/MD5 checksum: 89312 1a2507f73581e80103806bda8c673abd

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.15-0etch1_i386.deb
Size/MD5 checksum: 49553216 2f70c9f1fb5306d9f937613b3cc84cda
http://security.debian.org/pool/updat...nome-support_2.0.0.15-0etch1_i386.deb
Size/MD5 checksum: 81902 34948a1ed1b8558e0804860914cd0c72
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.15-0etch1_i386.deb
Size/MD5 checksum: 9117184 f77fc0ad893338c987f206101facd9f0

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...el/iceweasel_2.0.0.15-0etch1_ia64.deb
Size/MD5 checksum: 14150826 de782a5715826236aacf2311f43ef949
http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.15-0etch1_ia64.deb
Size/MD5 checksum: 50499040 fe8b0f690dd078d0997b27ba36a0e510
http://security.debian.org/pool/updat...nome-support_2.0.0.15-0etch1_ia64.deb
Size/MD5 checksum: 100112 ab756247dd84e77695ff6b4dfab96cd3

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat...el/iceweasel_2.0.0.15-0etch1_mips.deb
Size/MD5 checksum: 11058248 30d13ac857eddbbeeb6d19fc2a4f9b75
http://security.debian.org/pool/updat...nome-support_2.0.0.15-0etch1_mips.deb
Size/MD5 checksum: 83040 07fc599646c9d80e43fe84e4509d34b7
http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.15-0etch1_mips.deb
Size/MD5 checksum: 53950398 74967273393c4b168c101eae383577ff

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat...weasel-dbg_2.0.0.15-0etch1_mipsel.deb
Size/MD5 checksum: 52499994 9c02fbe217402e9c00ef01fa103dc43d
http://security.debian.org/pool/updat.../iceweasel_2.0.0.15-0etch1_mipsel.deb
Size/MD5 checksum: 10759554 cd00c8429e986dc2399c60cd8c131b2a
http://security.debian.org/pool/updat...me-support_2.0.0.15-0etch1_mipsel.deb
Size/MD5 checksum: 83054 66561cb487daf2a9df80c8c1722fcce1

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...iceweasel_2.0.0.15-0etch1_powerpc.deb
Size/MD5 checksum: 9935232 0d405869b71246057614dc440c2c685c
http://security.debian.org/pool/updat...e-support_2.0.0.15-0etch1_powerpc.deb
Size/MD5 checksum: 83630 46e7175e4b0e1bf27a5254c7bc332eaa
http://security.debian.org/pool/updat...easel-dbg_2.0.0.15-0etch1_powerpc.deb
Size/MD5 checksum: 51949586 589452bc8022d7947522d4e596f6388a

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...nome-support_2.0.0.15-0etch1_s390.deb
Size/MD5 checksum: 88034 a29c5e9842d6704818cce57a3cb53d1e
http://security.debian.org/pool/updat...ceweasel-dbg_2.0.0.15-0etch1_s390.deb
Size/MD5 checksum: 50828486 9f956f6e6a3a40ea666dc3b9bb4888db
http://security.debian.org/pool/updat...el/iceweasel_2.0.0.15-0etch1_s390.deb
Size/MD5 checksum: 10359442 86e9bac75060c34d0c42826e38b0e6ae

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updat...ome-support_2.0.0.15-0etch1_sparc.deb
Size/MD5 checksum: 81748 6fc2cc53b1d64b48b24ab8b81c9027a4
http://security.debian.org/pool/updat...eweasel-dbg_2.0.0.15-0etch1_sparc.deb
Size/MD5 checksum: 49164610 e334feea6dd3c72cc2a49af2b3e25e33
http://security.debian.org/pool/updat...l/iceweasel_2.0.0.15-0etch1_sparc.deb
Size/MD5 checksum: 9138482 2a301be276e18b5605454682b37ddefd

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00188.html

Andere Referenzen:
SA30911:
http://secunia.com/advisories/30911/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

333 Related Secunia Security Advisories, displaying 10

1. Debian Update für tiff
2. Debian Update für libxml2
3. Debian Update für linux-2.6
4. Debian Update für postfix
5. Debian Update für pdns
6. Debian Update für httracker
7. Debian Update für opensc
8. Debian Update für cupsys
9. Debian Update für libxslt
10. Debian Update für newsx

Show all related advisories


Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.








Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
WMNews Cross-Site Scripting Vulnerabilities
2.
Joomla Community Builder Component File Inclusion
3.
dotProject SQL Injection and Cross-Site Scripting
4.
OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability
5.
Novell eDirectory Multiple Vulnerabilities
6.
HP TCP/IP Services for OpenVMS Finger Format String Vulnerability
7.
Caudium "configvar" Insecure Temporary Files
8.
Slackware update for amarok
9.
Acoustica Mixcraft ".mx4" File Processing Buffer Overflow
10.
Adium MSN SLP Message Integer Overflow Vulnerabilities





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia