CVE-2008-0983 (Medium) :
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a
file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large
number of connections, which triggers an out-of-bounds access.
CVE-2008-1111 (Medium) :
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a
fork failure occurs, which might allow remote attackers to obtain sensitive information.
CVE-2008-1270 (Medium) :
mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME,
which might allow remote attackers to read arbitrary files, as demonstrated by accessing the
~nobody directory.
Instead of simply copying the 'ip_vs.h' header file we apply a patch that
assures the installation of a 'sanitized' version while building the
linux-header package.
CVE-2007-4091 (Medium) :
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute
arbitrary code via directory names that are not properly handled when calling the f_name function.
CVE-2007-6199 (High) :
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows
remote attackers to access restricted files via unknown vectors that cause rsync to create a
symlink that points outside of the module's hierarchy.
CVE-2007-6200 (High) :
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows
remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1)
symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
CVE-2008-0595 (High) :
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes
in allow directives in the security policy only for fully qualified method calls, which allows local
users to bypass intended access restrictions via a method call with a NULL interface.
CVE-2006-5752 (Medium) :
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP
Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows
remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets
with browsers that perform "charset detection" when the content-type is not specified.
CVE-2007-1862 (Medium) :
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels
of header data, which can cause Apache to return HTTP headers containing previously used data,
which could be used by remote attackers to obtain potentially sensitive information.
CVE-2007-1863 (Medium) :
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled
and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a
denial of service (child processing handler crash) via a request with the (1) s-maxage, (2)
max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
CVE-2007-3304 (Medium) :
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a
denial of service by modifying the worker_score and process_score arrays to reference an
arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1
killer."
CVE-2007-3847 (Medium) :
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a
threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy
process crash) via crafted date headers that trigger a buffer over-read.
CVE-2007-5000 (Medium) :
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server
1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache
HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via
unspecified vectors.
CVE-2007-6388 (Medium) :
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through
2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled,
allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-6421 (Low) :
Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache
HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via
the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
CVE-2007-6422 (Medium) :
The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through
2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to
cause a denial of service (child process crash) via an invalid bb variable.
CVE-2008-0005 (Medium) :
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before
1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site
scripting (XSS) attacks using UTF-7 encoding.
CVE-2007-5846 (High) :
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a
denial of service (CPU and memory consumption) via a GETBULK request with a large
max-repeaters value.
CVE-2007-6239 (MEDIUM-Network exploitable) :
The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid
3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to
HTTP headers and an Array memory leak during requests for cached objects.
Note: The tarball for this release that is provided upstream doesn't
have a toplevel directory, which we had to fix through a custom
function extracting the tarball properly!
Please see the notes provided in the package config file!