|
Vulnerability Report: Debian GNU/Linux 3.1
|
This vulnerability report for Debian GNU/Linux 3.1 contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.
If you have information about a new or an existing vulnerability in Debian GNU/Linux 3.1 then you are more than welcome to contact us.
|
|
|
|
|
Vendor, Links, and Unpatched Vulnerabilities
|
|
|
|
45 Secunia Advisories in 2008
|
Secunia has issued a total of 45 Secunia advisories in 2008 for Debian GNU/Linux 3.1. Currently, 2% (1 out of 45) are marked as unpatched with the most severe being rated Moderately critical 
More information about the specific Secunia advisories affecting Debian GNU/Linux 3.1 can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.
|
|
|
|
|
|
Release Date:
2008-04-17 |
Secunia Advisory ID:
SA29864 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-04-01 |
Secunia Advisory ID:
SA29601 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-28 |
Secunia Advisory ID:
SA29580 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for exiftags. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-27 |
Secunia Advisory ID:
SA29501 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Unknown
Exposure of sensitive information
DoS
System access
|
Where:
From local network |
|
Short Description:
Debian has acknowledged some vulnerabilities in firebird2, where some have unknown impact and others can be exploited by malicious users to disclose potentially sensitive information or to cause a DoS (Denial of Service) and by malicious people to cause a DoS or potentially to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-19 |
Secunia Advisory ID:
SA29435 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-18 |
Secunia Advisory ID:
SA29432 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-17 |
Secunia Advisory ID:
SA29385 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Debian has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-17 |
Secunia Advisory ID:
SA29400 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of system information
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for horde3. This fixes a vulnerability, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-17 |
Secunia Advisory ID:
SA29405 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Debian has issued an update for smarty. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-17 |
Secunia Advisory ID:
SA29377 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
Local system |
|
Short Description:
Debian has issued an update for backup-manager. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-12 |
Secunia Advisory ID:
SA29354 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
DoS
|
Where:
From remote |
|
Short Description:
Debian has issued an update for libnet-dns-perl. This fixes some vulnerabilities, which can be exploited by malicious people to poison the DNS cache or to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-03-10 |
Secunia Advisory ID:
SA29262 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass security restrictions, manipulate certain data, or potentially compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-06 |
Secunia Advisory ID:
SA29244 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-28 |
Secunia Advisory ID:
SA29135 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-26 |
Secunia Advisory ID:
SA29104 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for koffice. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-26 |
Secunia Advisory ID:
SA25400 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for diatheke. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-25 |
Secunia Advisory ID:
SA29071 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Debian has issued an update for turba2. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-25 |
Secunia Advisory ID:
SA29054 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Exposure of sensitive information
|
Where:
Local system |
|
Short Description:
Debian has issued an update for alsa-driver. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-25 |
Secunia Advisory ID:
SA29058 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Unknown
Security Bypass
Exposure of sensitive information
Privilege escalation
DoS
|
Where:
From remote |
|
Short Description:
Debian has issued an update for kernel-2.4.27 and kernel-2.6.8. This fixes some weaknesses, security issues, and vulnerabilities, where one has an unknown impact, and others can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, bypass certain security restrictions, and gain escalated privileges, and by malicious people to cause a DoS. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-20 |
Secunia Advisory ID:
SA28957 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for pcre3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-13 |
Secunia Advisory ID:
SA28930 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for nagios-plugins. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-11 |
Secunia Advisory ID:
SA28776 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for libexif. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-11 |
Secunia Advisory ID:
SA28867 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for tk8.4. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-11 |
Secunia Advisory ID:
SA28857 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for tk8.3. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-11 |
Secunia Advisory ID:
SA28837 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for sdl-image1.2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-11 |
Secunia Advisory ID:
SA28871 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Manipulation of data
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for phpbb2. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-06 |
Secunia Advisory ID:
SA28814 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Debian has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-01-22 |
Secunia Advisory ID:
SA28538 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
Local system |
|
Short Description:
Debian has issued an update for scponly. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-22 |
Secunia Advisory ID:
SA28614 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for libvorbis. This fixes some vulnerabilties, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-22 |
Secunia Advisory ID:
SA28507 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-21 |
Secunia Advisory ID:
SA28551 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Debian has issued an update for mantis. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks, and a security issue, which can be exploited by malicious people to disclose sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-21 |
Secunia Advisory ID:
SA28548 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-18 |
Secunia Advisory ID:
SA28539 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
Privilege escalation
DoS
|
Where:
Local system |
|
Short Description:
Debian has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information or to gain escalated privileges. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-15 |
Secunia Advisory ID:
SA28451 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Manipulation of data
|
Where:
From remote |
|
Short Description:
Debian has issued an update for gforge. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-15 |
Secunia Advisory ID:
SA28479 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
DoS
|
Where:
From local network |
|
Short Description:
Debian has issued an update for postgresql-7.4. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-01-14 |
Secunia Advisory ID:
SA28452 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-01-11 |
Secunia Advisory ID:
SA28433 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From local network |
|
Short Description:
Debian has issued an update for openafs. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-01-08 |
Secunia Advisory ID:
SA28333 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-07 |
Secunia Advisory ID:
SA28342 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for wzdftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-07 |
Secunia Advisory ID:
SA28347 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for eggdrop. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-07 |
Secunia Advisory ID:
SA28348 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
Debian has issued an update for util-linux. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-07 |
Secunia Advisory ID:
SA28349 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Privilege escalation
|
Where:
Local system |
|
Short Description:
Debian has issued an update for loop-aes-utils. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. [Read More]
|
|
|
|
|
|
Release Date:
2008-01-04 |
Secunia Advisory ID:
SA28334 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Debian has issued an update for maradns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-01-04 |
Secunia Advisory ID:
SA28315 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Debian has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2008-01-02 |
Secunia Advisory ID:
SA28255 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Debian has issued an update for tar. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
