English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57689
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 1225-2 (mozilla-firefox)
Summary:Debian Security Advisory DSA 1225-2 (mozilla-firefox)
Description:The remote host is missing an update to mozilla-firefox
announced via advisory DSA 1225-2.

This update covers packages for the little endian MIPS architecture
missing in the original advisory.

Several security related problems have been discovered in Mozilla and
derived products such as Mozilla Firefox. The Common Vulnerabilities
and Exposures project identifies the following vulnerabilities:

CVE-2006-4310

Tomas Kempinsky discovered that malformed FTP server responses
could lead to denial of service.

CVE-2006-5462

Ulrich Khn discovered that the correction for a cryptographic
flaw in the handling of PKCS-1 certificates was incomplete, which
allows the forgery of certificates.

CVE-2006-5463

shutdown discovered that modification of JavaScript objects
during execution could lead to the execution of arbitrary
JavaScript bytecode.

CVE-2006-5464

Jesse Ruderman and Martijn Wargers discovered several crashes in
the layout engine, which might also allow execution of arbitrary
code.

CVE-2006-5748

Igor Bukanov and Jesse Ruderman discovered several crashes in the
JavaScript engine, which might allow execution of arbitrary code.

This update also adresses several crashes, which could be triggered by
malicious websites and fixes a regression introduced in the previous
Mozilla update.


For the stable distribution (sarge) these problems have been fixed in
version 1.0.4-2sarge13.

For the unstable distribution (sid) these problems have been fixed in
the current iceweasel package 2.0+dfsg-1.

We recommend that you upgrade your mozilla-firefox package.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201225-2
Cross-Ref: BugTraq ID: 19678
BugTraq ID: 20957
Common Vulnerability Exposure (CVE) ID: CVE-2006-4310
Bugtraq: 20060822 (exploit) firefox 1.5.0.6 linux DoS (Google Search)
http://www.securityfocus.com/archive/1/archive/1/444064/100/0/threaded
Debian Security Information: DSA-1224 (Google Search)
http://www.debian.org/security/2006/dsa-1224
Debian Security Information: DSA-1225 (Google Search)
http://www.debian.org/security/2006/dsa-1225
Debian Security Information: DSA-1227 (Google Search)
http://www.debian.org/security/2006/dsa-1227
http://www.securityfocus.com/bid/19678
http://secunia.com/advisories/23197
http://secunia.com/advisories/23202
http://secunia.com/advisories/23235
http://securityreason.com/securityalert/1444
Common Vulnerability Exposure (CVE) ID: CVE-2006-5462
http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
https://bugzilla.mozilla.org/show_bug.cgi?id=356215
http://security.gentoo.org/glsa/glsa-200612-06.xml
http://security.gentoo.org/glsa/glsa-200612-07.xml
http://security.gentoo.org/glsa/glsa-200612-08.xml
HPdes Security Advisory: HPSBUX02153
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2006:205
http://www.mandriva.com/security/advisories?name=MDKSA-2006:206
RedHat Security Advisories: RHSA-2006:0733
http://rhn.redhat.com/errata/RHSA-2006-0733.html
RedHat Security Advisories: RHSA-2006:0734
http://rhn.redhat.com/errata/RHSA-2006-0734.html
RedHat Security Advisories: RHSA-2006:0735
http://rhn.redhat.com/errata/RHSA-2006-0735.html
SGI Security Advisory: 20061101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1
SuSE Security Announcement: SUSE-SA:2006:068 (Google Search)
http://www.novell.com/linux/security/advisories/2006_68_mozilla.html
http://www.ubuntu.com/usn/usn-381-1
http://www.ubuntu.com/usn/usn-382-1
Cert/CC Advisory: TA06-312A
http://www.us-cert.gov/cas/techalerts/TA06-312A.html
CERT/CC vulnerability note: VU#335392
http://www.kb.cert.org/vuls/id/335392
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10478
http://www.vupen.com/english/advisories/2006/4387
http://www.vupen.com/english/advisories/2007/0293
http://www.vupen.com/english/advisories/2007/1198
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2008/0083
http://securitytracker.com/id?1017180
http://securitytracker.com/id?1017181
http://securitytracker.com/id?1017182
http://secunia.com/advisories/22722
http://secunia.com/advisories/22770
http://secunia.com/advisories/22727
http://secunia.com/advisories/22737
http://secunia.com/advisories/22763
http://secunia.com/advisories/22817
http://secunia.com/advisories/22929
http://secunia.com/advisories/22965
http://secunia.com/advisories/22980
http://secunia.com/advisories/23009
http://secunia.com/advisories/23013
http://secunia.com/advisories/23263
http://secunia.com/advisories/23287
http://secunia.com/advisories/23297
http://secunia.com/advisories/23883
http://secunia.com/advisories/22815
http://secunia.com/advisories/24711
http://secunia.com/advisories/22066
XForce ISS Database: mozilla-nss-security-bypass(30098)
http://xforce.iss.net/xforce/xfdb/30098
Common Vulnerability Exposure (CVE) ID: CVE-2006-5463
Bugtraq: 20061109 rPSA-2006-0206-1 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/451099/100/0/threaded
https://bugzilla.mozilla.org/show_bug.cgi?id=355655
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103011-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200185-1
CERT/CC vulnerability note: VU#714496
http://www.kb.cert.org/vuls/id/714496
http://www.securityfocus.com/bid/20957
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10357
http://www.vupen.com/english/advisories/2007/2663
http://securitytracker.com/id?1017184
http://securitytracker.com/id?1017185
http://securitytracker.com/id?1017186
http://secunia.com/advisories/22774
XForce ISS Database: mozilla-script-code-execution(30116)
http://xforce.iss.net/xforce/xfdb/30116
Common Vulnerability Exposure (CVE) ID: CVE-2006-5464
https://bugzilla.mozilla.org/show_bug.cgi?id=307809
https://bugzilla.mozilla.org/show_bug.cgi?id=310267
https://bugzilla.mozilla.org/show_bug.cgi?id=350370
https://bugzilla.mozilla.org/show_bug.cgi?id=351328
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103121-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200587-1
CERT/CC vulnerability note: VU#495288
http://www.kb.cert.org/vuls/id/495288
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9304
http://www.vupen.com/english/advisories/2007/3588
http://securitytracker.com/id?1017177
http://securitytracker.com/id?1017178
http://securitytracker.com/id?1017179
http://secunia.com/advisories/27328
XForce ISS Database: mozilla-layout-dos(30092)
http://xforce.iss.net/xforce/xfdb/30092
Common Vulnerability Exposure (CVE) ID: CVE-2006-5748
https://bugzilla.mozilla.org/show_bug.cgi?id=349527
https://bugzilla.mozilla.org/show_bug.cgi?id=350238
https://bugzilla.mozilla.org/show_bug.cgi?id=351116
https://bugzilla.mozilla.org/show_bug.cgi?id=351973
https://bugzilla.mozilla.org/show_bug.cgi?id=352271
https://bugzilla.mozilla.org/show_bug.cgi?id=352606
https://bugzilla.mozilla.org/show_bug.cgi?id=353165
https://bugzilla.mozilla.org/show_bug.cgi?id=354145
https://bugzilla.mozilla.org/show_bug.cgi?id=354151
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103139-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201335-1
CERT/CC vulnerability note: VU#390480
http://www.kb.cert.org/vuls/id/390480
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11408
http://www.vupen.com/english/advisories/2007/3821
http://secunia.com/advisories/27603
XForce ISS Database: mozilla-javascript-engine-code-execution(30096)
http://xforce.iss.net/xforce/xfdb/30096
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.