|
Vulnerability Report: EnGarde Secure Community 1.x
|
This vulnerability report for EnGarde Secure Community 1.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.
If you have information about a new or an existing vulnerability in EnGarde Secure Community 1.x then you are more than welcome to contact us.
|
|
|
|
|
Vendor, Links, and Unpatched Vulnerabilities
|
|
|
|
30 Secunia Advisories in 2003
|
Secunia has issued a total of 30 Secunia advisories in 2003 for EnGarde Secure Community 1.x. Currently, 0% (0 out of 30) are marked as unpatched.
More information about the specific Secunia advisories affecting EnGarde Secure Community 1.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.
|
|
|
|
|
|
Release Date:
2003-12-04 |
Secunia Advisory ID:
SA10362 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updated packages for rsync. These fix a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-27 |
Secunia Advisory ID:
SA10303 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
DoS
|
Where:
From local network |
|
Short Description:
Guardian Digital has issued updated packages for bind. These fix a vulnerability, which can be exploited to poison the DNS cache with negative entries. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-06 |
Secunia Advisory ID:
SA10154 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Privilege escalation
DoS
|
Where:
Local system |
|
Short Description:
Guardian Digital has issued updated packages for apache. These fix some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or escalate privileges. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-05 |
Secunia Advisory ID:
SA10140 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued updated packages for OpenSSL. These fix a vulnerability, which can be exploited to cause a DoS (Denial of Service) on certain platforms. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-09 |
Secunia Advisory ID:
SA9982 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued an update for OpenSSL. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a Denial of Service. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-01 |
Secunia Advisory ID:
SA9900 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued updated packages for OpenSSL. These fix two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2003-09-25 |
Secunia Advisory ID:
SA9841 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
Local system |
|
Short Description:
A vulnerability has been identified in The Guardian Digital WebTool, which exposes users' passwords. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-19 |
Secunia Advisory ID:
SA9787 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
Guardian Digital has issued updated packages for MySQL. These fix a vulnerability, which can be exploited by malicious users to escalate their privileges on a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-16 |
Secunia Advisory ID:
SA9744 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued updated packages to fix the "buffer_append_space()" vulnerability. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-12 |
Secunia Advisory ID:
SA9717 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued updates for Pine. These fix two vulnerabilities, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-08-07 |
Secunia Advisory ID:
SA9462 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued an update for stunnel. This fixes a vulnerability allowing malicious people to cause a Denial of Service. [Read More]
|
|
|
|
|
|
Release Date:
2003-08-05 |
Secunia Advisory ID:
SA9445 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of system information
DoS
|
Where:
From remote |
|
Short Description:
Guardian Digital has issued updated packages for Postfix. These fix two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system or use it to conduct bounce scans and Distributed DoS attacks against other systems. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-17 |
Secunia Advisory ID:
SA9057 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
A vulnerability has been identified in Linux-PAM, which allows malicious, local users to escalate their privileges. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-03 |
Secunia Advisory ID:
SA8936 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Three vulnerabilities have been identified in the Linux Kernel 2.4 branch. One can be exploited to cause a Denial of Service by a malicious person and is very similar to the recent Linux Kernel Denial of Service. The others are local Denial of Service vulnerabilities. [Read More]
|
|
|
|
|
|
Release Date:
2003-05-01 |
Secunia Advisory ID:
SA8711 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updated packages for tcpdump, which fix multiple vulnerabilities. [Read More]
|
|
|
|
|
|
Release Date:
2003-05-01 |
Secunia Advisory ID:
SA8710 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updated packages for snort. These fix a vulnerability, which can be exploited by a malicious person to compromise a system running snort. [Read More]
|
|
|
|
|
|
Release Date:
2003-04-22 |
Secunia Advisory ID:
SA8632 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Xinetd, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-04-07 |
Secunia Advisory ID:
SA8533 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From local network |
|
Short Description:
Samba is vulnerable to a buffer overflow, which can be exploited by anonymous users. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-30 |
Secunia Advisory ID:
SA8446 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been discovered in Sendmail, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-24 |
Secunia Advisory ID:
SA8379 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updates to RPC XDR. A vulnerability has been discovered allowing malicious users to cause an integer overflow, this could lead to a Denial of Service and possibly also execution of arbitrary code. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-21 |
Secunia Advisory ID:
SA8363 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
EnGarde has issued updates to openssl. Two vulnerabilities has been discovered, one allowing malicious people to extract the premaster-secret, the other allowed malicious people to extract the RSA secret. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-20 |
Secunia Advisory ID:
SA8347 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From local network |
|
Short Description:
A vulnerability identified in multiple *NIX operating systems and software can be exploited by malicious people to conduct a DoS attack (Denial of Service) on a vulnerable system or potentially compromise it. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-17 |
Secunia Advisory ID:
SA8299 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From local network |
|
Short Description:
A vulnerability has been identified in Samba, which can be exploited by a malicious person to compromise a vulnerable server. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-05 |
Secunia Advisory ID:
SA8224 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
A boundary error identified in the utility "file" included in many *nix distributions can potentially be exploited by malicious users to escalate their privileges. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-26 |
Secunia Advisory ID:
SA8152 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updates for WebTool which is derived from Webmin. A vulnerability exists which may allows users to bypass the authentication process by including a special metacharacter in the BASE64 encoded authentication string. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-21 |
Secunia Advisory ID:
SA8109 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
EnGarde has released an updated package for openssl. This eliminates an information disclosure vulnerability, which can be exploited by malicious people to gain knowledge of a used plaintext block in a SSL/TLS session. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-21 |
Secunia Advisory ID:
SA8110 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
EnGarde has issued updates to mysql. A double free pointer bug in mysql_change_user allowed logged in users to crash mysqld. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-20 |
Secunia Advisory ID:
SA8097 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updated PHP packages to fix a vulnerability, which can be expoited to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-01-28 |
Secunia Advisory ID:
SA7957 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
EnGarde has issued updates to fetchmail, to fix a remotely expoitable heap overflow. [Read More]
|
|
|
|
|
|
Release Date:
2003-01-27 |
Secunia Advisory ID:
SA7956 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
EnGarde has issued updates to address a Denial of Service and a privilege escalation vulnerability. [Read More]
|
|
|
