debsecan-0.4.16+nmu1/0000755000000000000000000000000011571677071011124 5ustar debsecan-0.4.16+nmu1/debian/0000755000000000000000000000000011734521725012341 5ustar debsecan-0.4.16+nmu1/debian/compat0000644000000000000000000000000211264675234013542 0ustar 5 debsecan-0.4.16+nmu1/debian/changelog0000644000000000000000000002470411734521725014222 0ustar debsecan (0.4.16+nmu1) unstable; urgency=low * Non-maintainer upload. * Fix pending l10n issues. Debconf translations: - Danish (Joe Hansen). Closes: #654514 - Polish (Michał Kułach). Closes: #664652 -- Christian Perrier Wed, 28 Mar 2012 07:38:20 +0200 debsecan (0.4.16) unstable; urgency=low * Apply patch from Paul Wise to support wheezy -- Florian Weimer Thu, 06 Oct 2011 15:03:37 +0200 debsecan (0.4.15) unstable; urgency=low * Actually support recent python-apt versions, with thanks to Michael Gilbert. Closes: #628541. -- Florian Weimer Thu, 02 Jun 2011 14:11:56 +0200 debsecan (0.4.14) unstable; urgency=low * Rework debconf handling. /etc/default/debsecan is no longer a conffile. Closes: #545362, #545363 * Remove obsolete configuration migration code * Update debconf parser for lenny, squeeze * Adjust test suite and README URLs * Try both version_compare and VersionCompare, for the python-apt 0.8 API migration. Closes: #572086 * Do not use full path to command in postinst * Update Standards-Version, adjust dependencies * Switch debhelper compatibility level to 5 -- Florian Weimer Sun, 07 Mar 2010 18:07:39 +0100 debsecan (0.4.13) unstable; urgency=low * Update URL from security-tracker.debian.net to security-tracker.debian.org -- Florian Weimer Mon, 12 Oct 2009 18:23:57 +0000 debsecan (0.4.12) unstable; urgency=low * Fix squeeze typo. Closes: #518276 * Add squeeze to the debconf templates. -- Florian Weimer Fri, 06 Mar 2009 22:16:18 +0100 debsecan (0.4.11) unstable; urgency=low * Acknowledge NMUs. Closes: #490719, #465293. * Add squeeze suite. Closes: #516729. * Guard against gethostbyname failure when determining the IP address. Closes: #500480. * Add Finnish debconf transaction by Esko Arajärvi. Closes: #502734. * Add Japanese debconf translation by Hideki Yamane. Closes: #512986. -- Florian Weimer Sat, 28 Feb 2009 19:24:04 +0100 debsecan (0.4.10+nmu2) unstable; urgency=low * Non-maintainer upload. * Fix pending l10n bugs. Debconf translations: - Turkish. Closes: #490719 -- Christian Perrier Sat, 18 Oct 2008 07:26:48 +0200 debsecan (0.4.10+nmu1) unstable; urgency=low * Non-maintainer upload with maintainer approval. * Update URLs to point to security-tracker.debian.net (closes: #465293). -- Thijs Kinkhorst Sat, 26 Apr 2008 21:22:46 +0200 debsecan (0.4.10) unstable; urgency=low * Support macros in MAILTO configuration variable Closes: #433728. * Make subject line configurable through /etc/default/debsecan. Closes: #437762. * Remove support for running without python-apt installed. This produces more useful error messages in case python-apt is installed, but unusable. Closes: #435795. * Document how to reduce the freqency of reports. Closes: #422997. * Add Brazilian Portuguese debconf templates translation, by Eder L. Marques . Closes: #437632. * Set MAILTO=root in generated cron file. This change is only effective on new installations. Suggested by Bastian Kleineidam. Closes: #435791. -- Florian Weimer Sun, 02 Sep 2007 17:27:52 +0200 debsecan (0.4.9) unstable; urgency=high * Add lenny suite to the debconf template as well. Closes: #418247. -- Florian Weimer Tue, 10 Apr 2007 07:16:24 +0200 debsecan (0.4.8) unstable; urgency=high * Dutch translation of debconf messages, by Bart Cornelis. Closes: #415509. * Add lenny suite. Closes: #418247. -- Florian Weimer Mon, 9 Apr 2007 11:46:19 +0200 debsecan (0.4.7) unstable; urgency=low * Norwegian Bokmal translation of debconf messages, by Hans Fredrik Nordhaug. Closes: #414357. * Spanish translation of debconf messages, by Manuel Porras Peralta. Closes: #411800. -- Florian Weimer Mon, 12 Mar 2007 19:17:22 +0100 debsecan (0.4.6) unstable; urgency=low * Migrate /var/lib/debsecan away from root permissions unconditionally. Closes: #344117 (again). -- Florian Weimer Fri, 2 Mar 2007 21:58:39 +0100 debsecan (0.4.5) unstable; urgency=low * debconf translation uppdates: - Basque, by Piarres Beobide. Closes: #411659. - Catalan, by Jordà Polo. Closes: 411992. - Czecj, by Miroslav Kure. Closes: #411556. - French, by Christian Perrier. Closes: #411616. - Galician, by Jacobo Tarrio. Closes: #411428. - German, by Matthias Julius. Closes: #411440. - Hebrew, by Lior Kaplan. Closes: #411572. - Italian, by Luca Monducci. Closes: #411478. - Portuguese, by Miguel Figueiredo. Closes: #411419. - Russian, by Yuri Kozlov. Closes: #411543. - Swedish, by Daniel Nylander. Closes: #411447. -- Florian Weimer Fri, 23 Feb 2007 08:35:10 +0100 debsecan (0.4.4) unstable; urgency=high * Add the configuration file /etc/default/debsecan. Closes: #410946. * Using the new configuration file, it is possible to control where daily reports are sent. Closes: #398199. * Try to make debconf questions easier to understand. Closes: #407186. -- Florian Weimer Sun, 18 Feb 2007 16:52:59 +0100 debsecan (0.4.3.5) unstable; urgency=low * Add /etc/cron.d directory to the package. Closes: #408237. -- Florian Weimer Thu, 25 Jan 2007 21:49:17 +0100 debsecan (0.4.3.4) unstable; urgency=low * Add Italian debconf translation, by Luca Monducci. Closes: #404418. * Fix the fr.po file and remove strange characters. -- Florian Weimer Sun, 24 Dec 2006 18:52:21 +0100 debsecan (0.4.3.3) unstable; urgency=low * German debconf translation, by Matthias Julius. Closes: #401497. * French debconf translation, by Steve . Closes: #403025. -- Florian Weimer Thu, 14 Dec 2006 14:06:11 +0100 debsecan (0.4.3.2) unstable; urgency=low * Portuguese translation, by Rui Branco. Closes: #400988. -- Florian Weimer Fri, 1 Dec 2006 09:08:56 +0100 debsecan (0.4.3.1) unstable; urgency=low * More fixes for debconf templates. Closes: #400811, #368376. -- Florian Weimer Wed, 29 Nov 2006 20:47:43 +0100 debsecan (0.4.3) unstable; urgency=low * Correct spelling error in manpage. Closes: #368376. * Promote python-apt to a full dependency. Package versions containing the ~ characters lack a clear specification, and reusing the existing implementation in APT is the best way to deal with this issue. Closes: #390596. * Document the http_proxy environment variable. Closes: #376773. * Add Czech translation of debconf messages, by Miroslav Kure . Closes: #369098. * Add Swedish translation of debconf message, by Daniel Nylander . Closes: #387520. -- Florian Weimer Mon, 2 Oct 2006 19:46:10 +0200 debsecan (0.4.2) unstable; urgency=low * Handle file open errors more gracefully. Closes: #352925. * Add --show-whitelist option. Closes: #352927. * Show an error message if a non-existing bug is removed from the whitelist. Closes: #352952. * Add "simple" format. Closes: #352929. * Upgraded to policy version 3.7.2.0, no changes required. * Add po-debconf support. Closes: #351380. -- Florian Weimer Sat, 20 May 2006 17:38:05 +0200 debsecan (0.4.1) unstable; urgency=low * urllib2 raises yet another exception when networking problems occur; handle it. Closes: #349760. -- Florian Weimer Wed, 25 Jan 2006 14:15:53 +0100 debsecan (0.4.0) unstable; urgency=low * In report mode, aggregate similar packages into lists. Suggested by Moritz Muehlenhoff. * Use python-apt if it is available, which allows us to deal with versions which do not conform to policy. Closes: #346179. * Add --line-length option. Closes: #346193. * In report mode, include an URL which has more information about the bug. Closes: #346191. * Add whitelisting support. Closes: #345920. -- Florian Weimer Tue, 17 Jan 2006 19:21:52 +0100 debsecan (0.3.4) unstable; urgency=low * Switch to urllib2, which handles HTTP errors in a better way. Closes: #345308. * Add --no-obsolete option. -- Florian Weimer Sun, 1 Jan 2006 13:50:24 +0100 debsecan (0.3.3) unstable; urgency=low * Fix syntax error in config script. Closes: #344976. * Be more tolerant about broken package descriptions in /var/lib/dpkg/status. Closes: #344996. -- Florian Weimer Wed, 28 Dec 2005 09:52:53 +0100 debsecan (0.3.2) unstable; urgency=low * Fix typo in obsolete packages message. Closes: #344778. * --format report and --only-fixed no longer conflict. * Add debconf configuration. -- Florian Weimer Tue, 27 Dec 2005 14:23:03 +0100 debsecan (0.3.1) unstable; urgency=low * Remove duplicate explanations regarding obsolete packages. -- Florian Weimer Sun, 25 Dec 2005 18:12:25 +0100 debsecan (0.3) unstable; urgency=low * Support package pinning. * The --suite option is no longer mandatory. * When the user selected a specific suite, flag packages which have been removed as obsolete. Closes: #344241. -- Florian Weimer Fri, 23 Dec 2005 15:35:46 +0100 debsecan (0.2.2) unstable; urgency=low * Add Recommends: for cron and mail-transport-agent. * Make debsecan-create-cron more robust to a --suite option. Closes: #344204. * Gracefully ignore packages with invalid version information. Closes: #344106. -- Florian Weimer Thu, 22 Dec 2005 10:27:54 +0100 debsecan (0.2.1) unstable; urgency=low * Fix permissions of /var/lib/debsecan. Closes: #344117. -- Florian Weimer Tue, 20 Dec 2005 11:17:28 +0100 debsecan (0.2) unstable; urgency=low * Remove duplicate output from --format report. * Fix handling of binary packages (important fix, old output was very incomplete). * Switch to secure-testing.debian.net as vulnerability data source. * Add debsecan-create-cron script. * Use daemon:daemon for history data. -- Florian Weimer Mon, 19 Dec 2005 19:26:06 +0100 debsecan (0.1) unstable; urgency=low * First version. -- Florian Weimer Wed, 14 Dec 2005 16:09:20 +0100 debsecan-0.4.16+nmu1/debian/debsecan.config0000644000000000000000000000237411643323400015267 0ustar #!/bin/bash set -e . /usr/share/debconf/confmodule db_capb backup CONFFILE=/etc/default/debsecan CRONFILE=/etc/cron.d/debsecan normalize_suite () { case "$SUITE" in sarge|etch|lenny|squeeze|wheezy|sid) ;; *) SUITE=GENERIC ;; esac } read_existing_configuration () { if test -r "$CONFFILE" ; then . "$CONFFILE" || true normalize_suite if test ! -z "$REPORT" ; then db_set debsecan/report "$REPORT" fi if test -z "$MAILTO" ; then db_set debsecan/mailto root else db_set debsecan/mailto "$MAILTO" fi for var in SUITE SOURCE ; do db_set debsecan/$(echo $var | tr A-Z a-z) ${!var} done fi } read_existing_configuration maybe_input () { db_get debsecan/report if test "$RET" = true ; then db_input "$@" || true fi } STATE=1 while true; do case "$STATE" in 1) db_input medium debsecan/suite || true ;; 2) db_input low debsecan/report || true ;; 3) db_get debsecan/report maybe_input low debsecan/mailto || true ;; 4) db_get debsecan/report db_input low debsecan/source || true ;; *) break ;; esac if db_go; then STATE=$(($STATE + 1)) else STATE=$(($STATE - 1)) fi done if test $STATE -eq 1 ; then exit 10 fi debsecan-0.4.16+nmu1/debian/debsecan.prerm0000644000000000000000000000021610601557775015161 0ustar #!/bin/sh set -e if test "$1" = "remove" ; then rm -f /var/lib/debsecan/history rm -f /var/lib/debsecan/history.new fi #DEBHELPER# debsecan-0.4.16+nmu1/debian/debsecan.dirs0000644000000000000000000000001310601557775014770 0ustar etc/cron.d debsecan-0.4.16+nmu1/debian/control0000644000000000000000000000133011344756623013745 0ustar Source: debsecan Section: admin Priority: optional Maintainer: Florian Weimer Build-Depends: debhelper (>> 5) Build-Depends-Indep: po-debconf Standards-Version: 3.8.4 Package: debsecan Architecture: all Depends: debconf | debconf-2.0, python (>= 2.3), python-apt, ${misc:Depends} Recommends: cron, exim4 | mail-transport-agent Description: Debian Security Analyzer debsecan is a tool to generate a list of vulnerabilities which affect a particular Debian installation. debsecan runs on the host which is to be checked, and downloads vulnerability information over the Internet. It can send mail to interested parties when new vulnerabilities are discovered or when security updates become available. debsecan-0.4.16+nmu1/debian/debsecan.templates0000644000000000000000000000247011643323400016015 0ustar Template: debsecan/report Type: boolean Default: true _Description: Do you want debsecan to send daily reports? debsecan can check the security status of the host once per day, and notify you of any changes by email. . If you choose this option, debsecan will download a small file once a day. Your package list will not be transmitted to the server. Template: debsecan/mailto Type: string Default: root _Description: Email address to which daily reports should be sent: Template: debsecan/suite Type: select Choices: GENERIC, sarge, etch, lenny, squeeze, wheezy, sid Default: GENERIC _Description: Main suite from which packages are installed: To present more useful data, debsecan needs to know the Debian release from which you usually install packages. . If you specify "GENERIC" (the default), only basic debsecan functionality is available. If you specify the suite matching your sources.list configuration, information about fixed and obsolete packages will be included in email reports. Template: debsecan/source Type: string Default: _Description: URL of vulnerability information: debsecan fetches vulnerability information from the network. If your system is not connected to the Internet, you can enter the URL of a local mirror here. If you leave this option empty, the built-in default URL is used. debsecan-0.4.16+nmu1/debian/copyright0000644000000000000000000000177010601557775014307 0ustar This package was debianized by Florian Weimer , who is also the upstream author. Copyright: debsecan - Debian Security Analyzer Copyright (C) 2005, 2006 Florian Weimer This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA A copy of the GNU General Public License, version 2, can be found in /usr/share/common-licenses/GPL or in the COPYING file included with the source. debsecan-0.4.16+nmu1/debian/debsecan.postinst0000644000000000000000000000302011344755351015706 0ustar #!/bin/bash set -e . /usr/share/debconf/confmodule case "$1" in configure) # If the directory is owned by root, change ownership. This # happens for fresh installations, and re-installations after # removal (and purge, of course). find /var/lib/debsecan -maxdepth 0 -user root | while read dir ; do chown daemon:daemon "$dir" done if ! test -e /etc/default/debsecan ; then cat > /etc/default/debsecan <. install -d debian/`dh_listpackages`/var/lib/debsecan install -D -m 0755 src/debsecan \ debian/`dh_listpackages`/usr/bin/debsecan install -D -m 0755 src/debsecan-create-cron \ debian/`dh_listpackages`/usr/sbin/debsecan-create-cron install -D -m 0755 doc/debsecan.1 \ debian/`dh_listpackages`/usr/share/man/man1/debsecan.1 install -D -m 0755 doc/debsecan-create-cron.8 \ debian/`dh_listpackages`/usr/share/man/man8/debsecan-create-cron.8 # Build architecture-independent files here. binary-indep: build install dh_testdir dh_testroot dh_installchangelogs dh_installdocs README dh_installexamples # dh_installmenu dh_installdebconf # dh_installlogrotate # dh_installemacsen # dh_installcatalogs # dh_installpam # dh_installmime # dh_installinit # dh_installcron # dh_installinfo # dh_undocumented dh_installman dh_link dh_compress dh_fixperms # dh_perl # dh_python dh_installdeb dh_gencontrol dh_md5sums dh_builddeb # Build architecture-dependent files here. binary-arch: build install # We have nothing to do by default. binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary install debsecan-0.4.16+nmu1/debian/po/0000755000000000000000000000000011734666041012760 5ustar debsecan-0.4.16+nmu1/debian/po/fr.po0000644000000000000000000000716111731551020013717 0ustar # translation of fr.po to French # Debsecan. # Copyright (C) 2006 # This file is distributed under the same license as the debsecan package. # # Florian Weimer , 2006. # Christian Perrier , 2007. # Steve Petruzzello msgid "" msgstr "" "Project-Id-Version: fr\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-20 07:36+0100\n" "Last-Translator: Christian Perrier \n" "Language-Team: French \n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Faut-il que Debsecan envoie des rapports quotidiens par courriel ?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "Debsecan peut vérifier quotidiennement l'état de sécurité de l'hôte et vous " "informer de tout changement." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "En choisissant cette option, Debsecan téléchargera quotidiennement un petit " "fichier. La liste des paquets ne sera pas transmise au serveur." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Adresse électronique où seront envoyés les rapports quotidiens :" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Version de la distribution utilisée :" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Afin de présenter des données utiles, Debsecan a besoin de connaître la " "version de la distribution que vous utilisez." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "En indiquant « GENERIC » (valeur par défaut), seules des fonctionnalités " "très basiques de Debsecan seront disponibles. En revanche, si vous indiquez " "la version correspondant au fichier « sources.list », des informations sur " "les paquets corrigés et obsolètes seront ajoutées au rapport envoyé par " "courriel." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL donnant les informations sur les vulnérabilités :" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "Debsecan récupère les informations sur les vulnérabilités via le réseau. Si " "votre système n'est pas connecté à l'Internet, vous pouvez indiquer l'URL " "d'un miroir local. Si vous laissez ce champ vide, l'adresse par défaut " "configurée dans le programme sera utilisée." debsecan-0.4.16+nmu1/debian/po/it.po0000644000000000000000000000704011731551021013721 0ustar # Italian (it) translation of debconf templates for debsecan # Copyright (C) 2006 Free Software Foundation, Inc. # This file is distributed under the same license as the debsecan package. # Luca Monducci , 2006, 2007. # msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.4 italian debconf templates\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-19 11:19+0100\n" "Last-Translator: Luca Monducci \n" "Language-Team: Italian \n" "Language: it\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-1\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Si vuole che debsecan invii dei report giornalieri?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan pu verificare lo stato della sicurezza della macchina e, una volta " "al giorno, notificare via email qualsiasi cambiamento." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Se si attiva questa opzione, debsecan scarica un piccolo file una volta al " "giorno; il proprio elenco dei pacchetti non viene trasmesso al server." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Indirizzo email a cui devono essere inviati i report giornalieri:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Release dalla quale abitualmente si installano i pacchetti:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Per presentare dei informazioni ancora pi utili, debsecan deve conoscere da " "quale release Debian si installano solitamente i pacchetti." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Se si indica \"GENERIC\" (il valore predefinito) sono disponibili solo le " "funzionalit di base di debsecan. Se si specifica la stessa release indicata " "in sources.list, le informazioni su pacchetti per i quali esistono delle " "correzioni o obsoleti vengono inserite nei report via email." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL delle informazioni sulle vulnerabilit:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan prende le informazioni sulle vulnerabilit dalla rete. Se il " "proprio sistema non connesso a Internet si pu inserire l'URL di un mirror " "locale. Se si lascia vuota questa voce, viene usata l'URL predefinita." debsecan-0.4.16+nmu1/debian/po/pt_BR.po0000644000000000000000000000733011731551021014315 0ustar # debsecan Brazilian Portuguese translation # Copyright (c) 2006-2007 Florian Weimer # Copyright (c) 2006, Herbert Parentes Fortes Neto (hpfn) # Copyright (c) 2007, Eder L. Marques # This file is distributed under the same license as the debsecan package. # msgid "" msgstr "" "Project-Id-Version: debsecan_0.4.9\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-08-06 00:45-0300\n" "Last-Translator: Eder L. Marques \n" "Language-Team: l10n Portuguese \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "pt_BR utf-8\n" "X-Generator: KBabel 1.11.4\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Você quer que o debsecan envie relatórios diários?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "O debsecan pode checar o estado de segurança de uma máquina uma vez por dia, " "e notificá-lo sobre qualquer mudança por e-mail." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Se você escolher esta opção, o debsecan irá baixar um pequeno arquivo uma " "vez por dia. Sua lista de pacotes não será transmitida para o servidor." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Endereço de e-mail para o qual os relatórios devem ser enviados:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Suite principal de onde os pacotes são instalados:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Para apresentar dados mais úteis, o debsecan precisa saber a versão do " "Debian de onde você geralmente instala pacotes." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Se você especificar \"GENERIC\" (o padrão), apenas as funcionalidades " "básicas do debsecan estarão disponíveis. Se você especificar a suite de " "acordo com a configuração do seu sources.list, informações sobre pacotes " "consertados ('fixed') e obsoletos ('obsolete') serão incluídas nos " "relatórios enviados por email." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL das informações de vulnerabilidade:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "O debsecan busca informações de vulnerabilidade através da rede. Se o seu " "sistema não está conectado à Internet, você deve informar a URL do espelho " "(\"mirror\") local aqui. Se você deixar esta opção em branco, a URL padrão " "interna será usada." debsecan-0.4.16+nmu1/debian/po/templates.pot0000644000000000000000000000445211074367720015506 0ustar # SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" debsecan-0.4.16+nmu1/debian/po/gl.po0000644000000000000000000000657111731551020013716 0ustar # Galician translation of debsecan's debconf templates # This file is distributed under the same license as the debsecan package. # Jacobo Tarrio , 2007. # msgid "" msgstr "" "Project-Id-Version: debsecan\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-19 00:36+0100\n" "Last-Translator: Jacobo Tarrio \n" "Language-Team: Galician \n" "Language: gl\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "¿Quere que debsecan envíe informes diarios?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan pode comprobar a seguridade da máquina unha vez cada día, e avisalo " "por email de calquera cambio." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Se escolle esta opción, debsecan ha descargar un pequeno ficheiro cada día. " "Non se ha transmitir a lista de paquetes ao servidor." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Enderezo de email ao que enviar os informes diarios:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Versión da que se instalan os paquetes:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Para lle presentar datos máis útiles, debsecan precisa de coñecer a versión " "de Debian da que adoita instalar os paquetes." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Se indica \"GENERIC\" (o valor por defecto), só ha estar dispoñible a " "funcionalidade básica de debsecan. Se especifica a versión que encaixa coa " "configuración armacenada no ficheiro sources.list, hase incluír información " "sobre paquetes arranxados e obsoletos nos informes por email." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL da información sobre vulnerabilidades:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan descarga a información sobre vulnerabilidades da rede. Se o seu " "sistema non está conectado a Internet, pode introducir o URL dunha réplica " "local aquí. Se deixa esta opción en branco, hase empregar o URL por defecto." debsecan-0.4.16+nmu1/debian/po/fi.po0000644000000000000000000000636011731551020013706 0ustar msgid "" msgstr "" "Project-Id-Version: debsecan\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: \n" "Last-Translator: Esko Arajärvi \n" "Language-Team: Finnish \n" "Language: fi\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Poedit-Language: Finnish\n" "X-Poedit-Country: FINLAND\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Tulisiko debsecanin lähettää raportteja päivittäin?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan voi tarkistaa koneen turvatilanteen päivittäin ja lähettää viestin " "muutoksista sähköpostilla." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Jos valitset tämän vaihtoehdon, debsecan lataa päivittäin pienen tiedoston. " "Pakettilistaasi ei lähetetä palvelimelle." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Sähköpostiosoite, johon päivittäiset raportit tulisi lähettää:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Jakelu, jonka paketteja oletuksena asennetaan:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Jotta esitetyt tiedot olisivat käyttökelpoisempia, debsecanin täytyy tietää " "minkä Debian-jakelun paketteja yleensä asennetaan." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Jos valitset ”GENERIC” (oletus), vain debsecanin perustoiminnallisuudet ovat " "käytettävissä. Jos valitset tiedoston sources.list asetuksiin täsmäävän " "jakelun, sähköpostiraportteihin sisällytetään tiedot korjatuista ja " "vanhentuneista paketeista." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "Haavoittuvuustietojen URL:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan hakee tiedot haavoittuvuuksista verkosta. Jos järjestelmä ei ole " "yhteydessä Internetiin, voit antaa tässä paikallisen peilin URLin. Jos jätät " "kentän tyhjäksi, käytetään ohjelman sisäänrakennettua oletusarvoa." debsecan-0.4.16+nmu1/debian/po/pl.po0000644000000000000000000000723111733554174013740 0ustar # Translation of debsecan debconf templates to Polish. # Copyright (C) 2008 # This file is distributed under the same license as the debsecan package. # # Michał Kułach , 2012. msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2012-03-19 16:08+0100\n" "Last-Translator: Michał Kułach \n" "Language-Team: Polish \n" "Language: pl\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Lokalize 1.2\n" "Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 " "|| n%100>=20) ? 1 : 2);\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Czy debsecan ma wysyłać codzienne raporty?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "Program debsecan może sprawdzać status bezpieczeństwa hosta codziennie i " "powiadamiać o wszystkich zmianach za pośrednictwem poczty elektronicznej." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Jeśli tak opcja zostanie wybrana, debsecan będzie codziennie pobierał " "niewielki plik. Lista pakietów nie będzie wysyłana na serwer." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Adres poczty elektronicznej, na który będą wysyłane codzienne raporty:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Główny zestaw, z którego instalowane są pakiety:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Aby przedstawiać użyteczniejsze dane, debsecan musi znać wydanie Debiana, z " "którego najczęściej są instalowane pakiety." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Jeśli zostanie wpisane \"GENERIC\" (domyślnie), dostępne będą tylko " "podstawowe funkcje debsecan. W przypadku wpisania zestawu pasującego do " "bieżącej konfiguracji sources.list, w wiadomościach będą załączone " "informacje o naprawionych i przestarzałych pakietach." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL informacji o zagrożeniach bezpieczeństwa:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "Program debsecan może pobierać informacje o błędach bezpieczeństwa z sieci. " "Jeśli komputer nie jest podłączony do Internetu, można podać URL lokalnego " "serwera lustrzanego. W przypadku pozostawienia pola pustego, zostanie użyty " "wbudowany, domyślny URL." debsecan-0.4.16+nmu1/debian/po/ca.po0000644000000000000000000000700711731551020013672 0ustar # # Catalan translation for debsecan package. # Copyright (C) 2007 Florian Weimer. # This file is distributed under the same license as the debsecan # package. # # Jordà Polo , 2007. # msgid "" msgstr "" "Project-Id-Version: 0.4.4\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-21 19:04+0100\n" "Last-Translator: Jordà Polo \n" "Language-Team: Català \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Voleu que debsecan enviï informes diaris?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan pot comprovar l'estat de la seguretat de la màquina una vegada al " "dia, i notificar qualsevol canvi per correu electrònic." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Si trieu aquesta opció, debsecan descarregarà un petit fitxer cada dia. La " "llista dels paquets que tingueu instal·lats no s'enviarà al servidor." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Adreça de correu electrònic on s'haurien d'enviar els informes diaris:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Col·lecció principal des de la qual s'instal·len els paquets:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Per tal de presentar dades més útils, debsecan necessita saber quina versió " "de Debian utilitzeu normalment per a instal·lar paquets." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Si trieu «GENERIC» (que és l'opció predeterminada), només disposareu de la " "funcionalitat més bàsica de debsecan. Si especifiqueu la versió d'acord amb " "la configuració del vostre sources.list, en els informes també s'inclourà " "informació referent a errors solucionats i paquets obsolets." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL amb informació de la vulnerabilitat:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan obté la informació de les vulnerabilitats des de la xarxa. Si el " "vostre sistema no està connectat a Internet, podeu introduir l'URL d'una " "rèplica local. Si deixeu aquesta opció en blanc, s'utilitzarà l'URL " "predeterminada." debsecan-0.4.16+nmu1/debian/po/ru.po0000644000000000000000000001047511731551021013741 0ustar # translation of debsecan_0.4.4_debconf_ru.po to Russian # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # # Yuri Kozlov , 2007. msgid "" msgstr "" "Project-Id-Version: 0.4.4\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-19 21:41+0300\n" "Last-Translator: Yuri Kozlov \n" "Language-Team: Russian \n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Должен ли debsecan посылать ежедневные отчёты?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan может проверять отчёты безопасности один раз в день, и уведомлять о " "любых изменениях по почте." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Если вы ответите утвердительно, debsecan будет скачивать маленький файл один " "раз в день. Список ваших пакетов не будет передаваться на сервер." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Адрес электронной почты, на который нужно посылать ежедневный отчёт:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Главный выпуск, из которого установлены пакеты:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Для предоставления более полезных данных, для debsecan нужно указать выпуск " "Debian, из которого вы обычно устанавливаете пакеты." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Если вы выберете \"GENERIC\" (по умолчанию), будет доступна только базовая " "функциональность debsecan. Если вы укажите выпуск, совпадающий с " "конфигурацией вашего sources.list, то в отчёт будет включена информация об " "исправленных и устаревших пакетах." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL с информацией об уязвимостях:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan получает информацию об уязвимостях из сети. Если ваша система не " "подключена к Интернет, вы можете ввести URL локального сервера-зеркала. Если " "вы оставите поле пустым, будет использован URL по умолчанию." debsecan-0.4.16+nmu1/debian/po/ja.po0000644000000000000000000000743111731551021013703 0ustar # Copyright (C) 2008-2009 Florian Weimer # This file is distributed under the same license as the debsecan package. # Hideki Yamane (Debian-JP) , 2009. # msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.10+nmu2\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2009-01-06 06:26+0900\n" "Last-Translator: Hideki Yamane (Debian-JP) \n" "Language-Team: Japanese \n" "Language: ja\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "debsecan が日次レポートを送るようにしますか?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan でホストのセキュリティ状態を日に 1 回チェックして、変化をメールで通" "知するようにできます。" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "このオプションを選択した場合、debsecan は日に 1 回小さなファイルをダウンロー" "ドします。あなたのパッケージのリストはサーバへは送られません。" #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "日次レポートが送られるアドレス:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "どのパッケージがインストールされているか、主要パッケージ群の指定:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "より役立つデータを表示するには、debsecan は大抵インストールされているであろう" "パッケージの Debian でのリリース状態を知る必要があります。" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "\"GENERIC\" を指定した場合 (デフォルト値) は debsecan の基本機能のみが利用可" "能です。sources.list 設定にマッチするパッケージ群を指定した場合は、修正された" "パッケージと古くなったパッケージの情報がメールレポートに含められます。" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "脆弱性情報の URL:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan はネットワークから脆弱性情報を取得します。システムがインターネットに" "接続されていない場合は、ここでローカルミラーの URL を入力できます。このオプ" "ションを空のままにしておく場合は、内蔵されているデフォルトの URL が使われま" "す。" debsecan-0.4.16+nmu1/debian/po/nb.po0000644000000000000000000000662411731551021013713 0ustar # debsecan. # Copyright (C) 2007 # This file is distributed under the same license as the debsecan package. # Hans Fredrik Nordhaug , 2007 # msgid "" msgstr "" "Project-Id-Version: debsecan\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-03-11 08:26+0100\n" "Last-Translator: Hans Fredrik Nordhaug \n" "Language-Team: Norwegian Bokml \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-1\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Vil du at debsecan skal sende daglige rapporter?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan kan sjekke sikkerhetsstatusen for tjeneren en gang daglig og\n" "sende deg endringer p e-post." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Hvis du velger denne innstillingen, vil debsecan laste ned en liten fil en " "gang daglig.\n" "Pakkelisten din vil ikke bli overfrt til tjeneren." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "E-postadressen som de daglige rapportene skal sendes til:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Hovedsuite som pakkene er installert fra:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "For presentere mer nyttig informasjon, m debsecan vite fra hvilken \n" "Debian-utgivelsen du vanligvis installerer pakker." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Hvis du oppgir \\\"GENERIC\\\" (standardvalget), s vil kun grunnleggende " "debsecan\n" "funksjonalitet vre tilgjengelig. Hvis du oppgir suiten som samsvarer med " "din\n" "sources.list-konfigurasjon, s vil informasjon om fiksede og foreldede \n" "pakker bli inkludert i e-postrapportene." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL til srbarhetsinformasjon:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debseccan henter srbarhetsinformasjon fra nettverket. Hvis ditt system " "ikke \n" "er tilknyttet Internett, kan du oppgi en URL til et lokalt speil her. Hvis " "du \n" "lar denne innstillingen vre tom, s vil den innebygde standard URL-en bli " "brukt." debsecan-0.4.16+nmu1/debian/po/sv.po0000644000000000000000000000702611731551021013741 0ustar # Swedish translation for debsecan. # Copyright (C) 2007 Free Software Foundation, Inc. # This file is distributed under the same license as the debsecan package. # Daniel Nylander , 2007. # msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.2\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-22 22:13+0100\n" "Last-Translator: Daniel Nylander \n" "Language-Team: Swedish \n" "Language: sv\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=iso-8859-1\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Vill du att debsecan ska skicka dagliga rapporter?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan kan kontrollera skerhetsstatusen fr vrdmaskinen en gng per dag " "och notifiera dig om ndringar via e-post." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Om du vljer det hr alternativet kommer debsecan att dagligen hmta en " "liten fil. Din paketlista kommer inte att verfras till servern." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "E-postadress till vilken dagliga rapporter ska skickas:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Huvudsvit frn vilken paket installeras:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Fr att presentera mer anvndbar data behver debsecan veta den Debian-" "utgva som du vanligtvis installerar paket frn." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Om du anger \"GENERIC\" (standardvalet) kommer endast grundlggande " "funktionalitet finnas tillgnglig i debsecan. Om du anger sviten som " "matchar konfigurationsfilen sources.list kommer information om rttade och " "frldrade paket att inkluderas i e-postrapporterna." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL fr srbarhetsinformation:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan hmtar srbarhetsinformation frn ntverket. Om ditt system inte r " "anslutet till Internet kan du ange url:en till en lokal spegelserver hr. " "Om du lmnar det hr alternativet tomt kommer den inbyggda standard-url:en " "att anvndas." #, fuzzy #~ msgid "Suite to install packages from:" #~ msgstr "Frn vilken svit vill du installera paket?" debsecan-0.4.16+nmu1/debian/po/POTFILES.in0000644000000000000000000000005510601557775014542 0ustar [type: gettext/rfc822deb] debsecan.templates debsecan-0.4.16+nmu1/debian/po/pt.po0000644000000000000000000000730111731551021013730 0ustar # Portuguese translation for debsecan's debconf messages # Copyright (C) 2006 Miguel Figueiredo # This file is distributed under the same license as the debsecan package. # Miguel Figueiredo , 2006 msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.3\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-18 22:38+0000\n" "Last-Translator: Miguel Figueiredo \n" "Language-Team: Portuguese \n" "Language: pt\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Deseja que o debsecan envie relatórios diários?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "O debsecan pode verificar o estado de segurança da máquina uma vez por dia, " "e notifica-lo de quaisquer alterações por email." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Se escolher esta opção o debsecan irá fazer o download de um pequeno " "ficheiro uma vez por dia. A sua lista de pacotes não será transmitida ao " "servidor." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "" "Endereço de email para o qual devem ser enviados os relatórios diários:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Conjunto principal a partir do qual são instalados pacotes:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Para apresentar dados mais úteis, o debsecan necessita saber a a partir de " "qual lançamento Debian normalmente você instala pacotes." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Se especificar \"GENERIC\" (o valor por omissão), apenas fica disponível a " "funcionalidade básica do debsecan. Se especificar o conjunto que coincide " "com a sua configuração no sources.list, será incluída, nos relatórios por " "email, a informação acerca dos pacotes corrigidos e obsoletos." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL da informação da vulnerabilidade:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "O debsecan procura informação de vulnerabilidades a partir da rede. Se o seu " "sistema não estiver ligado à Internet, pode introduzir aqui o URL de um " "mirror local. Se deixar esta opção em branco, será utilizado o URL incluido " "por omissão." #~ msgid "From which suite do you want to install packges?" #~ msgstr "A partir de que conjunto deseja instalar pacotes?" debsecan-0.4.16+nmu1/debian/po/he.po0000644000000000000000000000731711731551021013710 0ustar # translation of he.po to Hebrew # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # # Lior Kaplan , 2007. msgid "" msgstr "" "Project-Id-Version: he\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-19 22:16+0100\n" "Last-Translator: Lior Kaplan \n" "Language-Team: Hebrew \n" "Language: he\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "האם אתה רוצה ש-debsecan ישלח דוחות יומיים בדואר?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan יכול לבדוק את מצב האבטחה של המחשב פעם ביום ולהודיע לך על השינויים " "דרך דואר אלקטרוני." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "אם תבחר באפשרות זאת, debsecan יוריד קובץ קטן פעם ביום. רשימת החבילות שלך לא " "תשלח לשרת." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "כתובת דואר אלקטרוני ש אליה ישלחו הדוחות היומיים:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "המאגר הראשי ממנו מותקנות חבילות:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "כדי להציג מידע יותר שימושי debsecan צריך להכיר את הפצת דביאן ממנה אתה בדרך " "כלל מתקין חבילות." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "אם תציין \"GENERIC\" (בררת המחדל), תופיע רק פונקציונליות בסיסית של debsecan. " "אם תציין את המאגר שתואם להגדרות בקובץ sources.list שלך, המידע על חבילות " "מתוקנות או ישנות יכלל בדוחות הדואר." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "כתובת של מידע על הרגישויות:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan מביא מידע על הרגישויות מהרשת. אם המערכת שלך אינה מחוברת לאינטנרט, " "תוכל להכניס כתובת של אתר מראה מקומי. אם תשאיר את שדה זה ריק, יבוצע שימוש " "בכתובת ברירת המחדל." debsecan-0.4.16+nmu1/debian/po/de.po0000644000000000000000000000711611731551020013700 0ustar # translation of po-debconf template to German # Copyright (C) 2006, Matthias Julius # This file is distributed under the same license as the debsecan package. # # Matthias Julius , 2006, 2007. msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.3.2\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-18 21:41-0500\n" "Last-Translator: Matthias Julius \n" "Language-Team: German \n" "Language: de\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Möchten Sie, dass debsecan tägliche Berichte versendet?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "Debsecan kann den Sicherheitsstatus des Rechners einmal pro Tag prüfen und " "Sie bei Änderungen per Email informieren." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Falls Sie diese Möglichkeit wählen, wird debsecan einmal pro Tag eine kleine " "Datei herunterladen. Ihre Paketliste wird nicht an den Server übermittelt." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Email-Adresse, an die tägliche Berichte gesendet werden sollen:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Hauptsächliche Release, von der Pakete installiert werden:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Um nützlichere Daten zu präsentieren, muss debsecan die Debian-Release " "kennen, von der Sie gewöhnlich Pakete installieren." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Falls Sie »GENERIC« (Voreinstellung) angeben, ist nur die " "Basisfunktionalität von debsecan verfügbar. Falls Sie die Release angeben, " "die zu Ihrer souces.list-Konfiguration passt, werden die Email-Berichte " "Informationen bezüglich aktualisierter und veralteter Pakete enthalten." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL für Informationen über Sicherheitslücken:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "Debsecan lädt Informationen über Sicherheitslücken aus dem Netzerk. Falls " "Ihr System nicht mit dem Internet verbunden ist, können Sie die URL eines " "lokalen Spiegel-Servers hier angeben. Falls Sie diese Einstellung leer " "lassen, wird eine voreingestellte URL verwendet." debsecan-0.4.16+nmu1/debian/po/eu.po0000644000000000000000000000660711731551020013725 0ustar # debsecan debconf template translation to basque # Copyright (C) 2007 Piarres Beobide # This file is distributed under the same license as the debsecan package. # Piarres Beobide , 2007. # msgid "" msgstr "" "Project-Id-Version: debsecan-debconf\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-20 12:39+0100\n" "Last-Translator: Piarres Beobide \n" "Language-Team: Librezale \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Pootle 0.10.1\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "debsecan-ek eguneroko txostenak bidaltzea nahi?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan-ek ostalariaren segurtasun egoera egunean behin egiazta eta " "egondako edozein aldaketa posta bidez ohartu dezake ." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Aukera hau hautatuaz debsecan-ek egunero fitxategi txiki bat deskargatuko " "du. Zure pakete zerrenda ez da zerbitzarira bidaliko." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Eguneroko txostenak bidali behar diren eposta helbidea:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Paketeak instalaturik dauden suite orokorra:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Datu erabilgarriagoak erakusteko, debsecan-ek arruntean instalatzen dituzun " "paketeen Debian banaketa bertsioa ezagutu behar du." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "\"GENERIC\" (lehenespena) hautatuaz gero, debsecan ezaugarri oinarrizkoak " "daude erabilgarri. sources.list konfigurazioko suitea ezarriaz konpondutako " "eta zaharkituriko paketeen argibideak ere agertuko dira eposta txostenetan." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "Ahultasunen argibide URL-a:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan-ek saretik jasotzen du ahultasunen informazioa. Zure sistema ez " "badago internetera konektaturik, ispilu lokal baten helbidea ipini dezakezu " "hemen. Aukera hau hutsik utziaz lehenetsiriko URL-a erabiliko da." debsecan-0.4.16+nmu1/debian/po/tr.po0000644000000000000000000000664311731551021013742 0ustar # Turkish translation of debsecan debconf template. # Copyright (C) 2008 Mert Dirik # This file is distributed under the same license as the debsecan package. # Mert Dirik , 2008. # msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.10+nmu1\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2008-09-28 19:22+0200\n" "Last-Translator: Mert Dirik \n" "Language-Team: Debian L10n Turkish \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "debsecan'ın günlük raporlar göndermesini ister misiniz?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan her gün makinenin güvenlik durumunu denetleyip değişiklikleri size " "e-posta ile bildirebilir." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Bu seçeneği tercih ederseniz debsecan her gün küçük bir dosya indirecek. " "Paket listeniz sunucuya aktarılmayacak." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Günlük raporların gönderileceği e-posta adresi:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Paketlerin kurulu olduğu ana süit:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Daha yararlı veriler sunabilmek için debsecan'ın, sisteminize paketlerini " "kurduğunuz Debian sürümünü bilmesi gereklidir." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Eğer \"GENERIC\"i seçerseniz (öntanımlı), yalnızca temel debsecan " "işlevlerini kullanabilirsiniz. Eğer sources.list yapılandırmanıza en uygun " "süiti seçerseniz e-posta raporlarına açıkları giderilmiş paketler ve eski " "paketler hakkındaki bilgiler de eklenir." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "Güvenlik açığı bilgilerinin URL'si:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan güvenlik açıkları bilgisini ağdan edinir. Eğer sisteminiz " "Internet'e bağlı değilse, yerel yansının adresini buraya girebilirsiniz. Bu " "seçeneği boş bırakırsanız öntanımlı yerleşik URL kullanılır." debsecan-0.4.16+nmu1/debian/po/da.po0000644000000000000000000000667711730033726013716 0ustar # Danish translation debsecan. # Copyright (C) 2012 debsecan & nedenstående oversættere. # This file is distributed under the same license as the debsecan package. # Joe Hansen , 2012. # msgid "" msgstr "" "Project-Id-Version: debsecan\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2012-01-03 17:34+0000\n" "Last-Translator: Joe Hansen \n" "Language-Team: Danish \n" "Language: da\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Ønsker du at debsecan skal sende daglige rapporter?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan kan kontrollere sikkerhedsstatussen for værten en gang per dag, og " "give dig besked om ændringer via e-post." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Hvis du vælger denne indstilling, så vil debsecan hente en lille fil en gang " "om dagen. Din pakkeliste vil ikke blive sendt til serveren." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "E-post-adresse hvortil der skal sendes daglige rapporter:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Hovedversion hvorfra pakker er installeret:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "For at præsentere mere brugbare data har debsecan brug for at vide hvilken " "Debianudgivelse, du normalt installerer pakker fra." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Hvis du angiver »GENERIC« (standarden), vil kun grundlæggende funktionalitet " "for debsecan være tilgængelig. Hvis du angiver versionen, der matcher din " "sources.list-konfiguration, så vil information om faste og forældede pakker " "blive inkluderet i e-post-rapporterne." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "Adresse for information om sårbarheder:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan henter information om sårbarheder fra netværket. Hvis dit system " "ikke er forbundet til internettet, så kan du indtaste adressen for et lokalt " "spejl her. Hvis du efterlader denne indstilling tom, så bruges den " "indbyggede standardadresse." debsecan-0.4.16+nmu1/debian/po/nl.po0000644000000000000000000000676411731551021013732 0ustar # SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # msgid "" msgstr "" "Project-Id-Version: debsecan\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-03-08 21:11+0100\n" "Last-Translator: Bart Cornelis \n" "Language-Team: debian-l10n-dutch \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Poedit-Language: Dutch\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Wilt u dat debsecan dagelijkse rapporten stuurt?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan kan de beveiligingsstatus van uw computer eens per dag controleren, " "en u vervolgens per e-mail over veranderingen verwittigen." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Als u voor deze optie kiest zal debsecan elke dag een klein bestand ophalen. " "Uw pakketlijst wordt niet doorgestuurd naar de server." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "" "E-mailadres waar de dagelijkse rapporten naar toe verstuurd moeten worden:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Van welke uitgave u de meeste pakketten geïnstalleerd heeft:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Om nuttiger data te presenteren dient debsecan te weten van welke Debian-" "uitgave u normaal pakketten installeert." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Als u de standaardwaarde ('GENERIC') opgeeft is enkel de basis-debsecan-" "functionaliteit beschikbaar. Als u de met uw sources.list overeenkomende " "uitgave opgeeft, wordt er informatie over vastgezette en verouderde " "pakketten bijgesloten in de (per e-mail verstuurde) rapporten." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "Adres (URL) van de veiligheidslek-informatie:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan haalt veiligheidslek-informatie op via het netwerk. Als uw systeem " "niet met Internet verbonden is kunt u hier het adres (URL) van de lokale " "spiegelserver opgeven. Als u dit leeg laat wordt het ingebouwde adres " "gebruikt." debsecan-0.4.16+nmu1/debian/po/cs.po0000644000000000000000000000656211731551020013721 0ustar # Czech translation of debsecan. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the debsecan package. # Miroslav Kure , 2006. # msgid "" msgstr "" "Project-Id-Version: debsecan\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-19 22:02+0100\n" "Last-Translator: Miroslav Kure \n" "Language-Team: Czech \n" "Language: cs\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "Chcete, aby debsecan zasílal denní hlášení?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "debsecan může jednou denně kontrolovat stav bezpečnosti tohoto počítače a " "při každé změně vás emailem varovat." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Zvolíte-li tuto možnost, bude debsecan denně stahovat malý soubor. Váš " "seznam balíků se nebude kopírovat na server." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Emailová adresa, na kterou se mají zasílat denní hlášení:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Hlavní větev, ze které instalujete balíky:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Aby mohl debsecan poskytovat lepší informace, potřebuje vědět, ze které " "větve Debianu nejčastěji instalujete balíky." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Zadáte-li \"GENERIC\" (výchozí hodnota), bude dostupná pouze základní " "funkcionalita debsecanu. Pokud ovšem zadáte větev odpovídající vašemu " "souboru sources.list, budou v hlášeních zahrnuty informace o opravených a " "zastaralých balících." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL informací o zranitelnostech:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "debsecan stahuje informace o zranitelnostech ze sítě. Pokud není váš systém " "připojen k Internetu, můžete zde zadat URL lokálního zrcadla. Ponecháte-li " "prázdné, použije se výchozí URL." debsecan-0.4.16+nmu1/debian/po/es.po0000644000000000000000000001072611731551020013720 0ustar # debsecan translation to spanish # Copyright (C) 2007 Free Software Foundation, Inc. # This file is distributed under the same license as the package. # # Changes: # - Initial translation # Manuel Porras Peralta , 2007 # # # Traductores, si no conoce el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # # Si tiene dudas o consultas sobre esta traducción consulte con el último # traductor (campo Last-Translator) y ponga en copia a la lista de # traducción de Debian al español () msgid "" msgstr "" "Project-Id-Version: debsecan 0.4.4\n" "Report-Msgid-Bugs-To: debsecan@packages.debian.org\n" "POT-Creation-Date: 2008-10-12 14:38+0200\n" "PO-Revision-Date: 2007-02-25 13:29+0100\n" "Last-Translator: Manuel Porras Peralta «Venturi» \n" "Language-Team: Debian Spanish \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "Do you want debsecan to send daily reports?" msgstr "¿Desea que debsecan envíe informes diarios?" #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "debsecan can check the security status of the host once per day, and notify " "you of any changes by email." msgstr "" "Debsecan puede comprobar el estado de la seguridad del servidor una vez al " "día, y notificarle cualquier cambio por correo electrónico." #. Type: boolean #. Description #: ../debsecan.templates:1001 msgid "" "If you choose this option, debsecan will download a small file once a day. " "Your package list will not be transmitted to the server." msgstr "" "Si elige esta opción, debsecan descargará un pequeño archivo una vez al día. " "Su lista de paquetes no se enviará al servidor." #. Type: string #. Description #: ../debsecan.templates:2001 msgid "Email address to which daily reports should be sent:" msgstr "Correo electrónico al que se enviarán los informes diarios:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "Main suite from which packages are installed:" msgstr "Distribución principal de la que se instalan los paquetes:" #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "To present more useful data, debsecan needs to know the Debian release from " "which you usually install packages." msgstr "" "Debsecan necesita saber la distribución de Debian de la que instala los " "paquetes normalmente, para mostrar datos más útiles." #. Type: select #. Description #: ../debsecan.templates:3001 msgid "" "If you specify \"GENERIC\" (the default), only basic debsecan functionality " "is available. If you specify the suite matching your sources.list " "configuration, information about fixed and obsolete packages will be " "included in email reports." msgstr "" "Si especifica «GENERIC» (predeterminado) sólo estarán disponibles las " "funciones básicas de debsecan. Si especifica una distribución que coincida " "con la configuración del «sources.list», se incluirá en los informes por " "correo electrónico información sobre los paquetes actualizados y obsoletos." #. Type: string #. Description #: ../debsecan.templates:4001 msgid "URL of vulnerability information:" msgstr "URL de información de vulnerabilidades:" #. Type: string #. Description #: ../debsecan.templates:4001 msgid "" "debsecan fetches vulnerability information from the network. If your system " "is not connected to the Internet, you can enter the URL of a local mirror " "here. If you leave this option empty, the built-in default URL is used." msgstr "" "Debsecan descarga información de vulnerabilidades desde la red. Si su " "sistema no está conectado a internet, puede introducir aquí la URL del sitio " "local equivalente. Si lo deja en blanco, se usará la URL que viene como " "predeterminada." debsecan-0.4.16+nmu1/debian/debsecan.postrm0000644000000000000000000000016311344750521015346 0ustar #!/bin/sh set -e case "$1" in purge) rm -f /etc/cron.d/debsecan /etc/default/debsecan ;; esac #DEBHELPER# debsecan-0.4.16+nmu1/COPYING0000644000000000000000000004310510601557775012163 0ustar GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. debsecan-0.4.16+nmu1/README0000644000000000000000000000222711344760040011772 0ustar Debian Security Analyzer ------------------------ debsecan, the Debian Security Analyzer, is a tool to generate a list of vulnerabilities which affect a particular Debian installation. debsecan runs on the host which is to be checked, and downloads vulnerability information over the Internet. It can send mail to interested parties when new vulnerabilities are discovered or when security updates become available. For details, see the debsecan(1) manual page. For instructions how to create a suitable, randomized cron entry, see the debsecan-create-cron(8) manual page. The vulnerability database is maintained by the Debian testing security team: A web interface to the database is available at: FAQ --- Q: How can I reduce the frequency of reports (e.g. weekly instead of daily reporting)? A: Just edit /etc/cron.d/debsecan to suit your needs. Note that debsecan internally limits the number of reports per day to 1, so you cannot increase the frequency of reports, only decrease it. -- Florian Weimer , Sun, 19 Aug 2007 21:17:44 +0200 debsecan-0.4.16+nmu1/doc/0000755000000000000000000000000010666560204011662 5ustar debsecan-0.4.16+nmu1/doc/debsecan-create-cron.80000644000000000000000000000275510601557775015740 0ustar .\" debsecan-create-cron - Debian Security Analyzer (cron entries) .\" Copyright (C) 2005, 2007 Florian Weimer .\" .\" This program is free software; you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by .\" the Free Software Foundation; either version 2 of the License, or .\" (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program; if not, write to the Free Software .\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA .\" .TH DEBSECAN 8 2005-12-19 "" "" .SH NAME debsecan-create-cron \- Create cron entry for the Debian Security Analyzer .SH SYNOPSIS .B debsecan-create-cron .br .B debsecan-create-cron --upgrade .SH DESCRIPTION .B debsecan-create-cron creates a cron entry for .BR debsecan , the Debian security analyzer. .P The cron entry runs hourly, but .B debsecan itself restricts actually processing to once a day. The minute the cron job runs is selected randomly, to reduce peak server load. .P .B debsecan-create-cron --upgrade is used internally to upgrade an older cron entry. .SH AUTHOR .B debsecan was written by Florian Weimer. .SH "SEE ALSO" .BR debsecan "(1)," .BR cron "(8)" debsecan-0.4.16+nmu1/doc/debsecan.10000644000000000000000000002160710666557710013526 0ustar .\" debsecan - Debian Security Analyzer .\" Copyright (C) 2005, 2007 Florian Weimer .\" .\" This program is free software; you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by .\" the Free Software Foundation; either version 2 of the License, or .\" (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program; if not, write to the Free Software .\" Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA .\" .TH DEBSECAN 1 2005-12-23 "" "" .SH NAME debsecan \- Debian Security Analyzer .SH SYNOPSIS .B debsecan .I options... .SH DESCRIPTION .B debsecan analyzes the list of installed packages on the current host and reports vulnerabilities found on the system. .SH OPTIONS .TP .B --suite \fIcount\fP Choose a specific suite. .B debsecan produces more informative output (including obsolete packages) if the correct suite is specified. The release code name has to be used ("sid"), not the temporal name ("unstable"). .TP .B --whitelist \fIfile\fP Change the name of the whitelist file. .TP .BR --add-whitelist ", " --remove-whitelist ", " --show-whitelist Add or remove entries from the whitelist, or print the whitelist to standard output. See the .SM "CHANGING THE WHITELIST" section below. .TP .B --source \fIurl\fP Override the default download URL for vulnerability data. .TP .B --status \fIfile\fP Evaluate a different .B dpkg status file. .TP .B --format \fIformat\fP Change the output format. If .I format is .B summary (the default), a short summary for each vulnerability is printed. The .B simple format is like the .B summary format, except that only the bug packages names are printed. For .B bugs and .BR packages , .B debsecan lists the names of vulnerabilities and binary packages, respectively. .B --format detail requests a verbose output format, showing all available data. The .B report format is used for email reports. .TP .B --line-length \fIcharacters\fP Specifies the line length in report mode. The default is 72. .TP .B --mailto \fImailbox\fP The .B --mailto option instructions .B debsecan to the send the report to the email address .IR mailbox . No report is sent if there where no changes since the last invocation with .BR --update-history . This option requires the .B --format report output format. The option value may contain macros, see the section .SM CONFIGURATION FILE MACROS below. .TP .B --only-fixed Only list vulnerabilities for which a fix is available in the archive. Note that it can happen that a fix is listed, although the package has not been built for the system's architecture and is not yet available for download. (If you use this option, you also must specify the correct suite using .BR --suite .) .TP .B --no-obsolete Do not list any obsolete packages (see below). Using this option is not recommended because it hides real vulnerabilities on some systems, not just false positives. .TP .B --history \fIfile\fP Change the name of the history file used by .BR "--format report" . .TP .B --update-history Update the vulnerability status information after reporting it using .BR "--format report" . .TP .B --cron Internal option used for invocations from .BR cron . Checks if the vulnerability data has already been downloaded today. In this case, further processing is skipped. See .BR debsecan-create-cron (8) for instructions how to create a suitable cron entry. .TP .B --config \fIfile\fP Sets the location of the configuration file. .TP .B --help Display a short help message and exit. .TP .B --version Display version information and exit. .SH "CONFIGURATION FILE" The configuration file contains the following variables. It follows .IR name = value shell syntax. If .I value contains white space, it must be surrounded by double quotes. Some variables may contain macros; see the section .SM "CONFIGURATION FILE MACROS" below. .TP .B MAILTO Sets the email address to which reports are sent in .B --cron mode. May contain macros. .TP .B REPORT Controls whether .B debsecan does any processing whatsoever in .B --cron mode. (Permitted values: .B true and .BR false .) .TP .B SOURCE Controls the URL from which vulnerability information is fetched. If empty, the built-in default is used. .TP .B SUITE Sets the default value of the .B --suite option (see there). .TP .B SUBJECT Changes the subject line of reports. May contain macros. .SH "CONFIGURATION FILE MACROS" Macro processing replaces strings of the form .BI %s( key )s with system-dependent values. Support keys are: .TP .B hostname The host name on which .B debsecan runs, without the domain name part. .TP .B fqdn The fully-qualified domain name of the host on which .B debsecan runs. .TP .B ip The IP address of the host on which .B debsecan runs. This may be inaccurate on multi-homed systems. .SH "CHANGING THE WHITELIST" You can use the .B --add-whitelist and .B --remove-whitelist options to change the whitelist. Whitelisted vulnerabilities are not included in the reports. For example, .IP .B debsecan --add-whitelist CVE-2005-4601 .PP ignores the vulnerability CVE-2005-4601 completely, while .IP .B debsecan --add-whitelist CVE-2005-4601 perlmagick .PP ignores it only as far as the perlmagick is concerned. (This is the same format that is produced by the .B --format simple option.) To remove all whitelist entries for the CVE-2005-4601 vulnerability, use: .IP .B debsecan --remove-whitelist CVE-2005-4601 .PP If you want to remove an entry for a specific vulnerability/package pair, list the package name explicitly, as in: .IP .B debsecan --remove-whitelist CVE-2005-4601 imagemagick .PP You can list multiple vulnerability and packages. For example, .IP .PD 0 .B debsecan --add-whitelist CVE-2005-4601 \e .IP "" 1in .B CVE-2006-0082 imagemagick perlmagick .PD .PP whitelists CVE-2005-4601 for all packages, and CVE-2006-0082 for the imagemagick and perlmagick packages only. .SH "CAVEATS" Much like the official Debian security advisories, .BR debsecan 's vulnerability tracking is mostly based on source packages. This can be confusing because tools like .B dpkg only display binary package names. Therefore, .B debsecan displays the more familiar binary package names. This has the unfortunate effect that all binary packages (including packages containing only documentation, for example) are flagged as vulnerable, and not only those packages which actually contain the vulnerable code. .P If the correct .B --suite option is specified, .B debsecan may mark some packages as .BR obsolete . This means that the binary package in question has been removed from the archive. In this case, you need to update all the packages depending on the obsolete package, and subsequently remove the obsolete package. .P For certain architectures, build daemons may lag considerably. In such case, .B debsecan may incorrectly mark a package as fixed, even if an update is not yet available in the Debian archive. .P Note that .B debsecan version uses the .B --suite option only to determine the availability of corrected packages and to detect obsolete packages. If you specify the wrong suite, only the information on available security updates and obsolete packages is wrong, but the list of vulnerabilities is correct. .P Mixing packages from different Debian releases is supported, as long as the packages still carry their official version numbers. Unknown package versions (from backported packages, for example) are compared to the version in Debian unstable only, which may lead to incorrect reports. .SH EXAMPLES This command prints all package names for which security fixes are available: .IP .B debsecan --suite .I suite .B --format packages --only-fixed .PP If you pass this output to .BR apt-get , you can download new packages which contain security fixes. For example, if you are running sid: .IP .PD 0 .B apt-get install \e .IP "" 1in .B $(debsecan --suite sid --format packages --only-fixed) .PD .PP The following command can be invoked periodically, to get notifications of new security issues: .IP .PD 0 .B debsecan --suite .I suite .B --format report \e .IP "" 1in .B --update-history --mailto root .PD .PP See .BR debsecan-create-cron (8) for a tool which creates a suitable cron entry. .SH ENVIRONMENT .TP .B http_proxy This environment variable instructs .B debsecan to use a proxy server to fetch the vulnerability data. It must be of the form .B http://proxy.example.net:8080/ (mimicking a URL). .SH FILES .TP .I /etc/default/debsecan Built-in location of the configuration file. .TP .I /var/lib/dpkg/status File from which the package information is fetched by default. .SH AUTHOR .B debsecan was written by Florian Weimer. .SH "SEE ALSO" .BR dpkg "(1)," .BR debsecan-create-cron "(8)," .BR apt-get "(8)" debsecan-0.4.16+nmu1/Makefile0000644000000000000000000000020110601557775012556 0ustar .PHONY: test test: cd testsuite && sh run.sh clean: -rm -f testsuite/*/*.out testsuite/whitelist.test testsuite/whitelist.expdebsecan-0.4.16+nmu1/src/0000755000000000000000000000000011643323400011673 5ustar debsecan-0.4.16+nmu1/src/debsecan-create-cron0000644000000000000000000000167510662112021015566 0ustar #!/bin/bash set -e FILE=/etc/cron.d/debsecan usage () { echo "usage: $0 [--upgrade]" exit 1 } if test -e "$FILE" ; then if grep '^# AUTOMATICALLY GENERATED$' "$FILE" > /dev/null ; then may_overwrite=true else may_overwrite=false fi else may_overwrite=true fi case "$1" in --upgrade) if $may_overwrite ; then : else echo "warning: /etc/cron.d/debsecan already exists with unexpected content" echo "warning: You can regenerated it with /usr/sbin/debsecan-create-cron." exit 0 fi ;; -*) echo "error: illegal option '$1'" exit 1 ;; *) if test "$#" -ne 0 ; then echo "error: illegal positional argument" exit 1 fi ;; esac MIN=$(($RANDOM % 60)) cat > "$FILE" < "" self.__asString = version def __str__(self): return self.__asString def __repr__(self): return 'Version(%s)' % `self.__asString` def __cmp__(self, other): return version_compare(self.__asString, other.__asString) class PackageFile: """A Debian package file. Objects of this class can be used to read Debian's Source and Packages files.""" re_field = re.compile(r'^([A-Za-z][A-Za-z0-9-]+):(?:\s+(.*?))?\s*$') def __init__(self, name, fileObj=None): """Creates a new package file object. name - the name of the file the data comes from fileObj - an alternate data source; the default is to open the file with the indicated name. """ if fileObj is None: fileObj = safe_open(name) self.name = name self.file = fileObj self.lineno = 0 def __iter__(self): line = self.file.readline() self.lineno += 1 pkg = [] while line: if line == '\n': if len(pkg) == 0: self.raiseSyntaxError('expected package record') yield pkg pkg = [] line = self.file.readline() self.lineno += 1 continue match = self.re_field.match(line) if not match: self.raiseSyntaxError("expected package field, got " + `line`) (name, contents) = match.groups() contents = contents or '' while True: line = self.file.readline() self.lineno += 1 if line and line[0] in " \t": ncontents = line[1:] if ncontents: if ncontents[-1] == '\n': ncontents = ncontents[:-1] else: break contents = "%s\n%s" % (contents, ncontents) else: break pkg.append((name, contents)) if pkg: yield pkg def raiseSyntaxError(self, msg, lineno=None): if lineno is None: lineno = self.lineno raise ParseError(self.name, lineno, msg) # End of code from debian_support ###################################################################### # General support routines def safe_open(name, mode="r"): try: return file(name, mode) except IOError, e: sys.stdout.write("error: could not open %s: %s\n" % (`name`, e.strerror)) sys.exit(2) # Configuration file parser class ConfigParser: def __init__(self, name, file=None): self.name = name if file is None: if os.path.exists(name): self.file = safe_open(name) else: self.file = None else: self.file = file def onComment(self, line, number): pass def onKey(self, line, number, key, value, trailer): pass def onError(self, line, number): sys.stderr.write("%s:%d: invalid configuration file syntax" % (line, number)) sys.exit(2) def parse(self, re_comment=re.compile(r'^\s*(?:#.*)?$'), re_key=re.compile(r'^\s*([A-Z]+)=(.*?)\s*$'), re_quote=re.compile(r'^"(.*)"\s*$')): if self.file is None: return lineno = 0 for line in self.file: lineno += 1 match = re_comment.match(line) if match is not None: self.onComment(line, lineno) continue match = re_key.match(line) if match is not None: (k, v) = match.groups() match = re_quote.match(v) if match is not None: # This is not perfect, but proper parsing is # probably not worth the effort. (v,) = match.groups() self.onKey(line, lineno, k, v, '\n') continue onError(line, lineno) def read_config(name, file=None): """Read the configuration file NAME into a dictionary and return it.""" config = {} class Parser(ConfigParser): def onKey(self, line, number, key, value, trailer): config[key] = value Parser(name, file).parse() return config def update_config(name): """Update the configuration file NAME with data from standard input.""" new_config = read_config('', sys.stdin) new_file = [] class Parser(ConfigParser): def onComment(self, line, lineno): new_file.append(line) def onKey(self, line, lineno, key, value, trailer): if new_config.has_key(key): if new_config[key] <> value: new_file.append("%s=%s%s" % (key, new_config[key], trailer)) else: new_file.append(line) del new_config[key] else: new_file.append(line) Parser(name).parse() remaining = new_config.keys() remaining.sort() if remaining: if remaining[-1] <> "\n": new_file.append("\n") for k in remaining: new_file.append("%s=%s\n" % (k, new_config[k])) conf = file(name, "w+") try: for line in new_file: conf.write(line) finally: conf.close() # Command line parser def parse_cli(): """Reads sys.argv and returns an options object.""" parser = OptionParser(usage="%prog OPTIONS...") parser.add_option("--config", metavar="FILE", help="sets the name of the configuration file", default='/etc/default/debsecan') parser.add_option("--suite", type="choice", choices=['woody', 'sarge', 'etch', 'lenny', 'squeeze', 'wheezy', 'sid'], help="set the Debian suite of this installation") parser.add_option("--source", metavar="URL", help="sets the URL for the vulnerability information") parser.add_option("--status", metavar="NAME", default="/var/lib/dpkg/status", help="name of the dpkg status file") parser.add_option("--format", type="choice", choices=['bugs', 'packages', 'summary', 'detail', 'report', 'simple'], default="summary", help="change output format") parser.add_option("--only-fixed", action="store_true", dest="only_fixed", help="list only vulnerabilities for which a fix is available") parser.add_option("--no-obsolete", action="store_true", dest="no_obsolete", help="do not list obsolete packages (not recommend)") parser.add_option("--history", default="/var/lib/debsecan/history", metavar="NAME", help="sets the file name of debsecan's internal status " + "file") parser.add_option("--line-length", default=72, type="int", dest="line_length", help="maximum line length in report mode") parser.add_option("--update-history", action="store_true", dest="update_history", help="update the history file after reporting") parser.add_option("--mailto", help="send report to an email address") parser.add_option("--cron", action="store_true", help="debsecan is invoked from cron") parser.add_option("--whitelist", metavar="NAME", default="/var/lib/debsecan/whitelist", help="sets the name of the whitelist file") parser.add_option("--add-whitelist", action="store_true", dest="whitelist_add", help="add entries to the whitelist") parser.add_option("--remove-whitelist", action="store_true", dest="whitelist_remove", help="remove entries from the whitelist") parser.add_option("--show-whitelist", action="store_true", dest="whitelist_show", help="display entries on the whitelist") parser.add_option("--update-config", action="store_true", dest="update_config", help=None) (options, args) = parser.parse_args() def process_whitelist_options(): """Check the whitelist options. They conflict with everything else.""" count = 0 for x in (options.whitelist_add, options.whitelist_remove, options.whitelist_show): if x: count += 1 if count == 0: return if count > 1: sys.stderr.write( "error: at most one whitelist option may be specified\n") sys.exit(1) for (k, v) in options.__dict__.items(): if type(v) == types.MethodType or v is None: continue if k not in ("whitelist", "whitelist_add", "whitelist_remove", # The following options have defaults and are # always present. "history", "status", "format", "line_length"): sys.stderr.write( "error: when editing the whitelist, no other options are allowed\n") sys.exit(1) if options.whitelist_add: whitelist_add(options, args) sys.exit(0) if options.whitelist_remove: whitelist_remove(options, args) sys.exit(0) if options.whitelist_show: whitelist_show(options, args) sys.exit(0) process_whitelist_options() if options.cron: options.format = 'report' options.update_history = True if options.only_fixed and not options.suite: sys.stderr.write("error: --only-fixed requires --suite\n") sys.exit(1) if options.no_obsolete and not options.suite: sys.stderr.write("error: --no-obsolete requires --suite\n") sys.exit(1) if options.update_history and options.format <> 'report': sys.stderr.write("error: --update-history requires report format\n") sys.exit(1) if options.cron and options.format <> 'report': sys.stderr.write("error: --cron requires report format\n") sys.exit(1) if options.mailto and options.format <> 'report': sys.stderr.write("error: --mailto requires report format\n") sys.exit(1) options.need_history = options.format == 'report' config = read_config(options.config) if options.cron and not options.mailto: options.mailto = config.get('MAILTO', '') if options.mailto == '': options.mailto = 'root' options.suite = options.suite or config.get('SUITE', None) if options.suite == 'GENERIC': options.suite = None options.subject = config.get( 'SUBJECT', 'Debian security status of %(hostname)s') return (options, config, args) # Vulnerabilities class Vulnerability: """Stores a vulnerability name/package name combination.""" urgency_conversion = {' ' : '', 'L' : 'low', 'M' : 'medium', 'H' : 'high'} def __init__(self, vuln_names, str): """Creates a new vulnerability object from a string.""" (package, vnum, flags, unstable_version, other_versions) \ = str.split(',', 4) vnum = int(vnum) self.bug = vuln_names[vnum][0] self.package = package self.binary_packages = None self.unstable_version = unstable_version self.other_versions = other_versions.split(' ') if self.other_versions == ['']: self.other_versions = [] self.description = vuln_names[vnum][1] self.binary_package = flags[0] == 'B' self.urgency = self.urgency_conversion[flags[1]] self.remote = {'?' : None, 'R' : True, ' ' : False}[flags[2]] self.fix_available = flags[3] == 'F' def is_vulnerable(self, (bin_pkg, bin_ver), (src_pkg, src_ver)): """Returns true if the specified binary package is subject to this vulnerability.""" self._parse() if self.binary_package and bin_pkg == self.package: if self.unstable_version: return bin_ver < self.unstable_version else: return True elif src_pkg == self.package: if self.unstable_version: return src_ver < self.unstable_version \ and src_ver not in self.other_versions else: return src_ver not in self.other_versions else: return False def obsolete(self, bin_name=None): if self.binary_packages is None: return if bin_name is None: bin_name = self.installed_package return bin_name not in self.binary_packages def installed(self, src_name, bin_name): """Returns a new vulnerability object for the installed package.""" v = copy.copy(self) v.installed_package = bin_name return v def _parse(self): """Further parses the object.""" if type(self.unstable_version) == types.StringType: if self.unstable_version: self.unstable_version = Version(self.unstable_version) else: self.unstable_version = None self.other_versions = map(Version, self.other_versions) def fetch_data(options, config): """Returns a dictionary PACKAGE -> LIST-OF-VULNERABILITIES.""" url = options.source or config.get("SOURCE", None) \ or "http://secure-testing.debian.net/debian-secure-testing/" \ "project/debsecan/release/1/" if url[-1] <> "/": url += "/" if options.suite: url += options.suite else: url += 'GENERIC' r = urllib2.Request(url) r.add_header('User-Agent', 'debsecan/' + VERSION) try: u = urllib2.urlopen(r) # In cron mode, we suppress almost all errors because we # assume that they are due to lack of Internet connectivity. except urllib2.HTTPError, e: if (not options.cron) or e.code == 404: sys.stderr.write("error: while downloading %s:\n%s\n" % (url, e)) sys.exit(1) else: sys.exit(0) except urllib2.URLError, e: if not options.cron: # no e.code check here # Be conservative about the attributes offered by # URLError. They are undocumented, and strerror is not # available even though it is documented for # EnvironmentError. msg = e.__dict__.get('reason', '') if msg: msg = "error: while downloading %s:\nerror: %s\n" % (url, msg) else: msg = "error: while downloading %s:\n" % url sys.stderr.write(msg) sys.exit(1) else: sys.exit(0) data = [] while 1: d = u.read(4096) if d: data.append(d) else: break data = StringIO(zlib.decompress(''.join(data))) if data.readline() <> "VERSION 1\n": sys.stderr.write("error: server sends data in unknown format\n") sys.exit(1) vuln_names = [] for line in data: if line[-1:] == '\n': line = line[:-1] if line == '': break (name, flags, desc) = line.split(',', 2) vuln_names.append((name, desc)) packages = {} for line in data: if line[-1:] == '\n': line = line[:-1] if line == '': break v = Vulnerability(vuln_names, line) try: packages[v.package].append(v) except KeyError: packages[v.package] = [v] source_to_binary = {} for line in data: if line[-1:] == '\n': line = line[:-1] if line == '': break (sp, bps) = line.split(',') if bps: source_to_binary[sp] = bps.split(' ') else: source_to_binary[sp] = [] for vs in packages.values(): for v in vs: if not v.binary_package: v.binary_packages = source_to_binary.get(v.package, None) return packages # Previous state (for incremental reporting) class History: def __init__(self, options): self.options = options self.last_updated = 86400 self._read_history(self.options.history) def data(self): """Returns a dictionary (BUG, PACKAGE) -> UPDATE-AVAILABLE. The result is not shared with the internal dictionary.""" return self.history.copy() def expired(self): """Returns true if the stored history file is out of date.""" if self.options.cron: old = time.localtime(self.last_updated) now = time.localtime() def ymd(t): return (t.tm_year, t.tm_mon, t.tm_mday) if ymd(old) == ymd(now): return False return now.tm_hour >= 2 else: # If we aren't run from cron, we always download new data. return True def known(self, v): """Returns true if the vulnerability is known.""" return self.history.has_key(v) def fixed(self, v): """Returns true if the vulnerability is known and has been fixed.""" return self.history.get(v, False) def _read_history(self, name): """Reads the named history file. Returns a dictionary (BUG, PACKAGE) -> UPDATE-AVAILABLE.""" self.history = {} try: f = file(name) except IOError: return line = f.readline() if line == 'VERSION 0\n': pass elif line == 'VERSION 1\n': line = f.readline() self.last_updated = int(line) else: return for line in f: if line[-1:] == '\n': line = line[:-1] (bug, package, fixed) = line.split(',') self.history[(bug, package)] = fixed == 'F' f.close() # Whitelisting vulnerabilities class Whitelist: def __init__(self, name): """Read a whitelist from disk. name - file name of the white list. If None, no file is read. """ self.name = name self.bug_dict = {} self.bug_package_dict = {} if name and os.path.exists(name): src = safe_open(name) line = src.readline() if line <> 'VERSION 0\n': raise SyntaxError, "invalid whitelist file, got: " + `line` for line in src: if line[-1] == '\n': line = line[:-1] (bug, pkg) = line.split(',') self.add(bug, pkg) self._dirty = False def add(self, bug, pkg=None): """Adds a bug/package pair to the whitelist. If the package is not specified (or empty), the bug is whitelisted completely.""" if pkg: self.bug_package_dict[(bug, pkg)] = True else: self.bug_dict[bug] = True self._dirty = True def remove(self, bug, pkg=None): """Removes a bug/package pair from the whitelist. If the package is not specified, *all* whitelisted packages for that bug are removed.""" removed = False if pkg: try: del self.bug_package_dict[(bug, pkg)] removed = True except KeyError: pass else: try: del self.bug_dict[bug] removed = True except KeyError: pass for bug_pkg in self.bug_package_dict.keys(): if bug_pkg[0] == bug: del self.bug_package_dict[bug_pkg] removed = True if removed: self._dirty = True else: if pkg: sys.stderr.write( "error: no matching whitelist entry for %s %s\n" % (bug, pkg)) else: sys.stderr.write("error: no matching whitelist entry for %s\n" % bug) sys.exit(1) def check(self, bug, package): """Returns true if the bug/package pair is whitelisted.""" return self.bug_dict.has_key(bug) \ or self.bug_package_dict.has_key((bug, package)) def update(self): """Write the whitelist file back to disk, if the data has changed.""" if not (self._dirty and self.name): return new_name = self.name + '.new' f = safe_open(new_name, "w+") f.write("VERSION 0\n") l = self.bug_dict.keys() l.sort() for bug in l: f.write(bug + ",\n") l = self.bug_package_dict.keys() l.sort() for bug_pkg in l: f.write("%s,%s\n" % bug_pkg) f.close() os.rename(new_name, self.name) def show(self, file): l = [] for bug in self.bug_dict.keys(): file.write("%s (all packages)\n" % bug) for (bug, pkg) in self.bug_package_dict.keys(): l.append("%s %s\n" % (bug, pkg)) l.sort() for line in l: file.write(line) def __whitelist_edit(options, args, method): w = Whitelist(options.whitelist) while args: bug = args[0] if bug == '' or (not ('A' <= bug[0] <= 'Z')) or ',' in bug: sys.stderr.write("error: %s is not a bug name\n" % `bug`) sys.exit(1) del args[0] pkg_found = False while args: pkg = args[0] if (not pkg) or ',' in pkg: sys.stderr.write("error: %s is not a package name\n" % `bug`) sys.exit(1) if 'A' <= pkg[0] <= 'Z': break method(w, bug, pkg) del args[0] pkg_found = True if not pkg_found: method(w, bug, None) w.update() def whitelist_add(options, args): __whitelist_edit(options, args, lambda w, bug, pkg: w.add(bug, pkg)) def whitelist_remove(options, args): __whitelist_edit(options, args, lambda w, bug, pkg: w.remove(bug, pkg)) def whitelist_show(options, args): Whitelist(options.whitelist).show(sys.stdout) # Classes for output formatting class Formatter: def __init__(self, target, options, history): self.target = target self.options = options self.history = history self.whitelist = Whitelist(self.options.whitelist) self._invalid_versions = False def invalid_version(self, package, version): sys.stdout.flush() sys.stderr.write("error: invalid version %s of package %s\n" % (version, package)) if not self._invalid_versions: sys.stderr.write( "error: install the python-apt package for invalid versions support\n") self._invalid_versions = True sys.stderr.flush() def invalid_source_version(self, package, version): sys.stdout.flush() sys.stderr.write("error: invalid source version %s of package %s\n" % (version, package)) if not self._invalid_versions: sys.stderr.write( "error: install the python-apt package for invalid versions support\n") self._invalid_versions = True sys.stderr.flush() def maybe_record(self, v, bp, sp): """Invoke self.record, honouring --only-fixed. Can be overridden to implement a different form of --only-fixed processing.""" if self.whitelist.check(v.bug, bp[0]): return if not (self.options.only_fixed and not v.fix_available): if self.options.no_obsolete and v.obsolete(bp[0]): return self.record(v, bp, sp) def finish(self): pass class BugFormatter(Formatter): def __init__(self, target, options, history): Formatter.__init__(self, target, options, history) self.bugs = {} def record(self, v, bp, sp): self.bugs[v.bug] = 1 def finish(self): bugs = self.bugs.keys() bugs.sort() for b in bugs: self.target.write(b) class PackageFormatter(Formatter): def __init__(self, target, options, history): Formatter.__init__(self, target, options, history) self.packages = {} def record(self, v, (bin_name, bin_version), sp): self.packages[bin_name] = 1 def finish(self): packages = self.packages.keys() packages.sort() for p in packages: self.target.write(p) class SummaryFormatter(Formatter): def record(self, v, (bin_name, bin_version), (src_name, src_version)): notes = [] if v.fix_available: notes.append("fixed") if v.remote: notes.append("remotely exploitable") if v.urgency: notes.append(v.urgency + " urgency") if v.obsolete(bin_name): notes.append('obsolete') notes = ', '.join(notes) if notes: self.target.write("%s %s (%s)" % (v.bug, bin_name, notes)) else: self.target.write("%s %s" % (v.bug, bin_name)) class SimpleFormatter(Formatter): def record(self, v, (bin_name, bin_version), (src_name, src_version)): self.target.write("%s %s" % (v.bug, bin_name)) class DetailFormatter(Formatter): def record(self, v, (bin_name, bin_version), (src_name, src_version)): notes = [] if v.fix_available: notes.append("fixed") if v.remote: notes.append("remotely exploitable") if v.urgency: notes.append(v.urgency + " urgency") notes = ', '.join(notes) if notes: self.target.write("%s (%s)" % (v.bug, notes)) else: self.target.write(v.bug) self.target.write(" " + v.description) self.target.write(" installed: %s %s" % (bin_name, bin_version)) self.target.write(" (built from %s %s)" % (src_name, src_version)) if v.obsolete(bin_name): self.target.write(" package is obsolete") if v.binary_package: k = 'binary' else: k = 'source' if v.unstable_version: self.target.write(" fixed in unstable: %s %s (%s package)" % (v.package, v.unstable_version, k)) for vb in v.other_versions: self.target.write(" fixed on branch: %s %s (%s package)" % (v.package, vb, k)) if v.fix_available: self.target.write(" fix is available for the selected suite (%s)" % self.options.suite) self.target.write("") class ReportFormatter(Formatter): def __init__(self, target, options, history): Formatter.__init__(self, target, options, history) self.bugs = {} self.invalid = [] # self.record will put new package status information here. self.new_history = {} # Fixed bugs are deleted from self.fixed_bugs by self.record. self.fixed_bugs = self.history.data() # True if some bugs have been whitelisted. self._whitelisted = False def _write_history(self, name): """Writes self.new_history to the named history file. The file is replaced atomically.""" new_name = name + '.new' f = safe_open(new_name, "w+") f.write("VERSION 1\n%d\n" % int(time.time())) for ((bug, package), fixed) in self.new_history.items(): if fixed: fixed = 'F' else: fixed = ' ' f.write("%s,%s,%s\n" % (bug, package, fixed)) f.close() os.rename(new_name, name) def maybe_record(self, v, bp, sp): # --only-fixed processing happens in self.finish, and we need # all records to detect changes properly. Whitelisted bugs # need special treatment, too. self.record(v, bp, sp) def record(self, v, (bin_name, bin_version), (src_name, src_version)): v = v.installed(src_name, bin_name) bn = (v.bug, bin_name) if not self.whitelist.check(v.bug, bin_name): if self.bugs.has_key(v.bug): self.bugs[v.bug].append(v) else: self.bugs[v.bug] = [v] self.new_history[bn] = v.fix_available else: self._whitelisted = True # If we whitelist a bug, do not list it as fixed, so we always # remove it from the fixed_bugs dict. try: del self.fixed_bugs[bn] except KeyError: pass def invalid_version(self, package, version): self.invalid.append(package) def invalid_source_version(self, package, version): self.invalid.append(package) def _status_changed(self): """Returns true if the system's vulnerability status changed since the last run.""" for (k, v) in self.new_history.items(): if (not self.history.known(k)) or self.history.fixed(k) <> v: return True return len(self.fixed_bugs.keys()) > 0 def finish(self): if self.options.mailto and not self._status_changed(): if options.update_history: self._write_history(self.options.history) return w = self.target.write if self.options.suite: w("Security report based on the %s release" % self.options.suite) else: w("Security report based on general data") w("") w( """If you specify a proper suite, this report will include information regarding available security updates and obsolete packages. To set the correct suite, run "dpkg-reconfigure debsecan" as root.""") w("") for vlist in self.bugs.values(): vlist.sort(lambda a, b: cmp(a.package, b.package)) blist = self.bugs.items() blist.sort() self._bug_found = False def print_headline(fix_status, new_status): if fix_status: if new_status: w("*** New security updates") else: w("*** Available security updates") else: if new_status: w("*** New vulnerabilities") else: if self.options.suite: w("*** Vulnerabilities without updates") else: # If no suite has been specified, all # vulnerabilities lack updates, technically # speaking. w("*** Vulnerabilities") w("") def score_urgency(urgency): return {'high' : 100, 'medium' : 50, }.get(urgency, 0) def vuln_to_notes(v): notes = [] notes_score = 0 if v.remote: notes.append("remotely exploitable") notes_score += 25 if v.urgency: notes.append(v.urgency + " urgency") notes_score += score_urgency(v.urgency) if v.obsolete(): notes.append('obsolete') return (-notes_score, ', '.join(notes)) def truncate(line): if len(line) <= self.options.line_length: return line result = [] length = 0 max_length = self.options.line_length - 3 for c in line.split(' '): l = len(c) new_length = length + l + 1 if new_length < max_length: result.append(c) length = new_length else: return ' '.join(result) + '...' return ' '.join(result) # should not be reachedg def write_url(bug): w(" " % bug) def scan(fix_status, new_status): have_obsolete = False first_bug = True for (bug, vlist) in blist: pkg_vulns = {} for v in vlist: bug_package = (v.bug, v.installed_package) if v.fix_available: is_new = not self.history.fixed(bug_package) else: is_new = (not self.history.known(bug_package)) \ or self.history.fixed(bug_package) if v.fix_available <> fix_status or is_new <> new_status: continue if first_bug: print_headline(fix_status, new_status) first_bug = False if v.obsolete(): if self.options.no_obsolete: continue have_obsolete = True notes = vuln_to_notes(v) if pkg_vulns.has_key(notes): pkg_vulns[notes].append(v) else: pkg_vulns[notes] = [v] indent = " " if len(pkg_vulns) > 0: self._bug_found = True notes = pkg_vulns.keys() notes.sort() # any v will do, because we've aggregated by v.bug v = pkg_vulns[notes[0]][0] w(truncate("%s %s" % (v.bug, v.description))) write_url(v.bug) for note in notes: note_text = note[1] line = " - " comma_needed = False for v in pkg_vulns[note]: pkg = v.installed_package # Wrap the package list if the line length # is exceeded. if len(line) + len(pkg) + 3 \ > self.options.line_length: w(line + ',') line = indent + pkg comma_needed = True else: if comma_needed: line += ", " else: comma_needed = True line += pkg if note_text: if len(line) + len(note_text) + 3 \ > self.options.line_length: w(line) w("%s(%s)" % (indent, note_text)) else: w("%s (%s)" % (line, note_text)) else: w(line) w("") if have_obsolete: w( """Note that some packages were marked as obsolete. To deal with the vulnerabilities in them, you need to remove them. Before you can do this, you may have to upgrade other packages depending on them. """) def scan_fixed(): bugs = {} for (bug, package) in self.fixed_bugs.keys(): if bugs.has_key(bug): bugs[bug].append(package) else: bugs[bug] = [package] bug_names = bugs.keys() bug_names.sort() first_bug = True for bug in bug_names: if first_bug: w("*** Fixed vulnerabilities") w("") first_bug = False self._bug_found = True w(bug) write_url(bug) bugs[bug].sort() for p in bugs[bug]: w(" - %s" % p) w("") def scan_invalid(): if self.invalid: self._bug_found = True self.invalid.sort() w("*** Packages with invalid versions") w("") w("The following non-official packages have invalid versions and cannot") w("be classified correctly:") w("") for p in self.invalid: w(" - " + p) scan(fix_status=True, new_status=True) scan_fixed() scan(fix_status=True, new_status=False) if not self.options.only_fixed: scan(fix_status=False, new_status=True) scan(fix_status=False, new_status=False) scan_invalid() if not self._bug_found: if self.options.only_fixed: w( """No known vulnerabilities for which updates are available were found on the system.""") else: w("No known vulnerabilities were found on the system.") if self._whitelisted: w("") w("However, some bugs have been whitelisted.") else: if self._whitelisted: w( """Note that some vulnerablities have been whitelisted and are not included in this report.""") if options.update_history: self._write_history(self.options.history) formatters = {'bugs' : BugFormatter, 'packages' : PackageFormatter, 'summary' : SummaryFormatter, 'simple' : SimpleFormatter, 'detail' : DetailFormatter, 'report' : ReportFormatter} # Mini-template processing format_values = { 'hostname' : socket.gethostname(), 'fqdn' : socket.getfqdn() } try: format_values['ip'] = socket.gethostbyname(format_values['hostname']) except socket.gaierror: format_values['ip'] = "unknown" def format_string(msg): try: return msg % format_values except ValueError: sys.stderr.write("error: invalid format string: %s\n" % `msg`) sys.exit(2) except KeyError, e: sys.stderr.write("error: invalid key %s in format string %s\n" % (`e.args[0]`, `msg`)) sys.exit(2) # Targets class Target: def __init__(self, options): pass def finish(self): pass class TargetMail(Target): def __init__(self, options): assert options.mailto self.options = options self.sendmail = None self.opt_subject = format_string(self.options.subject) # Legacy addresses may contain "%" characters, without # proper template syntax. self.opt_mailto = format_string( re.sub(r'%([a-z0-9])', r'%%\1', self.options.mailto)) def _open(self): self.sendmail = os.popen("/usr/sbin/sendmail -t", "w") self.sendmail.write("""Subject: %s To: %s """ % (self.opt_subject, self.opt_mailto)) def write(self, line): if self.sendmail is None: self._open() self.sendmail.write(line + '\n') def finish(self): if self.sendmail is not None: self.sendmail.close() class TargetPrint(Target): def write(self, line): print line def rate_system(target, options, vulns, history): """Read /var/lib/dpkg/status and discover vulnerable packages. The results are printed using one of the formatter classes. options: command line options vulns: list of vulnerabiltiies""" packages = PackageFile(options.status) re_source = re.compile\ (r'^([a-zA-Z0-9.+-]+)(?:\s+\((\S+)\))?$') formatter = formatters[options.format](target, options, history) for pkg in packages: pkg_name = None pkg_status = None pkg_version = None pkg_arch = None pkg_source = None pkg_source_version = None for (name, contents) in pkg: if name == "Package": pkg_name = contents if name == "Status": pkg_status = contents elif name == "Version": pkg_version = contents elif name == "Source": match = re_source.match(contents) if match is None: raise SyntaxError(('package %s references ' + 'invalid source package %s') % (pkg_name, `contents`)) (pkg_source, pkg_source_version) = match.groups() if pkg_name is None: raise SyntaxError\ ("package record does not contain package name") if pkg_status is None: raise SyntaxError\ ("package record does not contain status") if 'installed' not in pkg_status.split(' '): # Package is not installed. continue if pkg_version is None: raise SyntaxError\ ("package record does not contain version information") if pkg_source_version is None: pkg_source_version = pkg_version if not pkg_source: pkg_source = pkg_name try: pkg_version = Version(pkg_version) except ValueError: formatter.invalid_version(pkg_name, pkg_version) continue try: pkg_source_version = Version(pkg_source_version) except ValueError: formatter.invalid_source_version(pkg_name, pkg_source_version) continue try: vlist = vulns[pkg_source] except KeyError: try: vlist = vulns[pkg_name] except: continue for v in vlist: bp = (pkg_name, pkg_version) sp = (pkg_source, pkg_source_version) if v.is_vulnerable (bp, sp): formatter.maybe_record(v, bp, sp) formatter.finish() target.finish() if __name__ == "__main__": (options, config, args) = parse_cli() if (options.update_config): update_config(options.config) sys.exit(0) if options.cron and config.get("REPORT", "true") <> "true": # Do nothing in cron mode if reporting is disabled. sys.exit(0) if options.need_history: history = History(options) if not history.expired(): sys.exit(0) else: history = None if options.mailto: target = TargetMail(options) else: target = TargetPrint(options) rate_system(target, options, fetch_data(options, config), history) debsecan-0.4.16+nmu1/testsuite/0000755000000000000000000000000011571677124013154 5ustar debsecan-0.4.16+nmu1/testsuite/014/0000755000000000000000000000000011571677122013456 5ustar debsecan-0.4.16+nmu1/testsuite/014/exp.summary0000644000000000000000000000501611004700541015652 0ustar TEMP-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3313 ethereal (remotely exploitable, medium urgency) TEMP-2005-3313 ethereal-common (remotely exploitable, medium urgency) TEMP-2005-3313 tethereal (remotely exploitable, medium urgency) TEMP-2005-3651 ethereal (remotely exploitable, medium urgency) TEMP-2005-3651 ethereal-common (remotely exploitable, medium urgency) TEMP-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/014/out.bugs0000644000000000000000000000026411571677122015151 0ustar TEMP-2005-3184 TEMP-2005-3241 TEMP-2005-3242 TEMP-2005-3243 TEMP-2005-3244 TEMP-2005-3245 TEMP-2005-3246 TEMP-2005-3247 TEMP-2005-3248 TEMP-2005-3249 TEMP-2005-3313 TEMP-2005-3651 debsecan-0.4.16+nmu1/testsuite/014/out.report0000644000000000000000000000514311571677122015525 0ustar Security report based on the sid release *** New security updates TEMP-2005-3184 Buffer overflow vulnerability in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3245 Unspecified vulnerability in the ONC RPC dissector... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates TEMP-2005-3313 The IRC protocol dissector in Ethereal 0.10.13... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/014/exp.packages0000644000000000000000000000004311004700541015726 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/014/exp.bugs0000644000000000000000000000026411004700541015115 0ustar TEMP-2005-3184 TEMP-2005-3241 TEMP-2005-3242 TEMP-2005-3243 TEMP-2005-3244 TEMP-2005-3245 TEMP-2005-3246 TEMP-2005-3247 TEMP-2005-3248 TEMP-2005-3249 TEMP-2005-3313 TEMP-2005-3651 debsecan-0.4.16+nmu1/testsuite/014/exp.report0000644000000000000000000000514311344746144015511 0ustar Security report based on the sid release *** New security updates TEMP-2005-3184 Buffer overflow vulnerability in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3245 Unspecified vulnerability in the ONC RPC dissector... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates TEMP-2005-3313 The IRC protocol dissector in Ethereal 0.10.13... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) TEMP-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/014/out.detail0000644000000000000000000002553711571677122015465 0ustar TEMP-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) TEMP-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) TEMP-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) TEMP-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) TEMP-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) TEMP-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/014/exp.detail0000644000000000000000000002553711004700541015431 0ustar TEMP-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) TEMP-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) TEMP-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) TEMP-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) TEMP-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) TEMP-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) TEMP-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/014/out.packages0000644000000000000000000000004311571677122015762 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/014/out.summary0000644000000000000000000000501611571677122015706 0ustar TEMP-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) TEMP-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) TEMP-2005-3313 ethereal (remotely exploitable, medium urgency) TEMP-2005-3313 ethereal-common (remotely exploitable, medium urgency) TEMP-2005-3313 tethereal (remotely exploitable, medium urgency) TEMP-2005-3651 ethereal (remotely exploitable, medium urgency) TEMP-2005-3651 ethereal-common (remotely exploitable, medium urgency) TEMP-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/014/sid0000644000000000000000000000356411004700541014147 0ustar x͙]s8+t֒9{7mfoxJl6I~ed[Cm/:E>s^})wv {HQOwԴrIR94WiI΢u6,ek֟dYjn@t5 7YG{<dAvNe,^c,K/ '<")pJ2tz;kP9)'q3E;CɥѝHТ$z dTXQtEi\Ͳt5床]ps0 !"f\QTqm],TeEnn(es?ŻotᳳlGfӟ7sVQlYB <.ɖ/.8"gf ]|>n.{-]-~Ӊ7-6k˶%kE3x> :I7ۘ4JՅO&iA6KilM۞q4Rzp&KW/wfFS_UeԲ2 ;=`:F<;IU-SBh0 rK^6.ny$obbB]P6pMc [ߑ"J(WF%9r7*0[b(8Ѷ6ѓPaK$W r\8?+ #9#tߠ7c3J#z 6:G {FE 8M(V H%;@-(؞P|-̓iiFiNŰ-3nox R%?,񀂑MgʢH F2N Q4D٨CIsB\te2Yx\l^S ^{\T]lhz)G GwjΓ;=ReF:$,Ox.)2zu![I}k{$Y@`r3:A_|\J6Wr{PCd0Nϓ::f $;?49T@fB|0&S ?fkVn'UX?\>Xw~5!tƣfPd@" `Wl?L Kl&f `f`(6! MdLu[ؐCHlnQoc;a`ͨٲ0]Qwi [p5\U SWրHY+k(cj*cjZʘʘ475|k穥[26t48ytK:q-m%1[m.A IlXb3$6Sb$2.@c?9O2`7OP^'Kn'@debsecan-0.4.16+nmu1/testsuite/014/status0000644000000000000000000000447711004700541014717 0ustar Package: ethereal Status: install ok installed Priority: optional Section: net Installed-Size: 1264 Maintainer: Frederic Peters Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/014/history0000644000000000000000000000026611004700541015065 0ustar VERSION 0 TEMP-2005-3651,ethereal, TEMP-2005-3313,ethereal, TEMP-2005-3651,tethereal, TEMP-2005-3313,tethereal, TEMP-2005-3651,ethereal-common, TEMP-2005-3313,ethereal-common, debsecan-0.4.16+nmu1/testsuite/008/0000755000000000000000000000000011571677120013457 5ustar debsecan-0.4.16+nmu1/testsuite/008/exp.summary0000644000000000000000000000556111004700541015662 0ustar CVE-2005-2360 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2361 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2362 ethereal-common (remotely exploitable, low urgency) CVE-2005-2363 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2364 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2365 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2366 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2367 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal (remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3184 tethereal (remotely exploitable, medium urgency) CVE-2005-3241 ethereal (remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3241 tethereal (remotely exploitable, medium urgency) CVE-2005-3242 ethereal (remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3242 tethereal (remotely exploitable, medium urgency) CVE-2005-3243 ethereal (remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3243 tethereal (remotely exploitable, medium urgency) CVE-2005-3244 ethereal (remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3244 tethereal (remotely exploitable, medium urgency) CVE-2005-3245 ethereal (remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3245 tethereal (remotely exploitable, medium urgency) CVE-2005-3246 ethereal (remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3246 tethereal (remotely exploitable, medium urgency) CVE-2005-3247 ethereal (remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3247 tethereal (remotely exploitable, medium urgency) CVE-2005-3248 ethereal (remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3248 tethereal (remotely exploitable, medium urgency) CVE-2005-3249 ethereal (remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3249 tethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3651 tethereal (fixed, remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/008/out.bugs0000644000000000000000000000043011571677121015146 0ustar CVE-2005-2360 CVE-2005-2361 CVE-2005-2362 CVE-2005-2363 CVE-2005-2364 CVE-2005-2365 CVE-2005-2366 CVE-2005-2367 CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/008/out.report0000644000000000000000000001007211571677121015524 0ustar Security report based on the sid release *** New security updates CVE-2005-2360 Unknown vulnerability in the LDAP dissector in... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2361 Unknown vulnerability in the (1) AgentX dissector,... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2363 Unknown vulnerability in the (1) SMPP dissector, (2)... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2364 Unknown vulnerability in the (1) GIOP dissector, (2)... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2365 Unknown vulnerability in the SMB dissector in... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2366 Unknown vulnerability in the BER dissector in... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2367 Format string vulnerability in the... - ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** New vulnerabilities CVE-2005-2362 Unknown vulnerability several dissectors in Ethereal... - ethereal-common (remotely exploitable, low urgency) CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/008/exp.packages0000644000000000000000000000004311004700541015731 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/008/exp.bugs0000644000000000000000000000043011004700541015113 0ustar CVE-2005-2360 CVE-2005-2361 CVE-2005-2362 CVE-2005-2363 CVE-2005-2364 CVE-2005-2365 CVE-2005-2366 CVE-2005-2367 CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/008/exp.report0000644000000000000000000001007211344746144015511 0ustar Security report based on the sid release *** New security updates CVE-2005-2360 Unknown vulnerability in the LDAP dissector in... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2361 Unknown vulnerability in the (1) AgentX dissector,... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2363 Unknown vulnerability in the (1) SMPP dissector, (2)... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2364 Unknown vulnerability in the (1) GIOP dissector, (2)... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2365 Unknown vulnerability in the SMB dissector in... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2366 Unknown vulnerability in the BER dissector in... - ethereal-common (remotely exploitable, low urgency) CVE-2005-2367 Format string vulnerability in the... - ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** New vulnerabilities CVE-2005-2362 Unknown vulnerability several dissectors in Ethereal... - ethereal-common (remotely exploitable, low urgency) CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/008/out.detail0000644000000000000000000003420511571677121015457 0ustar CVE-2005-3184 (remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3241 (remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3242 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3243 (remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3244 (remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3245 (remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3246 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3247 (remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3248 (remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3249 (remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (fixed, remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2360 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2361 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2362 (remotely exploitable, low urgency) Unknown vulnerability several dissectors in Ethereal 0.9.0 through ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) CVE-2005-2363 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2364 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2365 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2366 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2367 (fixed, remotely exploitable, medium urgency) Format string vulnerability in the proto_item_set_text function in ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-3184 (remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3241 (remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3242 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3243 (remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3244 (remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3245 (remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3246 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3247 (remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3248 (remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3249 (remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) CVE-2005-3651 (fixed, remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-3184 (remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3241 (remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3242 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3243 (remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3244 (remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3245 (remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3246 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3247 (remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3248 (remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3249 (remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (fixed, remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) debsecan-0.4.16+nmu1/testsuite/008/exp.detail0000644000000000000000000003420511004700541015424 0ustar CVE-2005-3184 (remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3241 (remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3242 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3243 (remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3244 (remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3245 (remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3246 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3247 (remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3248 (remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3249 (remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (fixed, remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2360 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2361 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2362 (remotely exploitable, low urgency) Unknown vulnerability several dissectors in Ethereal 0.9.0 through ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) CVE-2005-2363 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2364 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2365 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2366 (fixed, remotely exploitable, low urgency) Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-2367 (fixed, remotely exploitable, medium urgency) Format string vulnerability in the proto_item_set_text function in ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.12-1 (source package) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody13 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-3184 (remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3241 (remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3242 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3243 (remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3244 (remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3245 (remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3246 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3247 (remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3248 (remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3249 (remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) CVE-2005-3651 (fixed, remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.10-2sarge2 (built from ethereal 0.10.10-2sarge2) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) CVE-2005-3184 (remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3241 (remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3242 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3243 (remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3244 (remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3245 (remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3246 (remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3247 (remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3248 (remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3249 (remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (fixed, remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge3 (source package) fixed on branch: ethereal 0.10.10-2sarge4 (source package) fixed on branch: ethereal 0.9.4-1woody14 (source package) fix is available for the selected suite (sid) debsecan-0.4.16+nmu1/testsuite/008/out.packages0000644000000000000000000000004311571677120015763 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/008/out.summary0000644000000000000000000000556111571677120015714 0ustar CVE-2005-2360 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2361 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2362 ethereal-common (remotely exploitable, low urgency) CVE-2005-2363 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2364 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2365 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2366 ethereal-common (fixed, remotely exploitable, low urgency) CVE-2005-2367 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal (remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3184 tethereal (remotely exploitable, medium urgency) CVE-2005-3241 ethereal (remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3241 tethereal (remotely exploitable, medium urgency) CVE-2005-3242 ethereal (remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3242 tethereal (remotely exploitable, medium urgency) CVE-2005-3243 ethereal (remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3243 tethereal (remotely exploitable, medium urgency) CVE-2005-3244 ethereal (remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3244 tethereal (remotely exploitable, medium urgency) CVE-2005-3245 ethereal (remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3245 tethereal (remotely exploitable, medium urgency) CVE-2005-3246 ethereal (remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3246 tethereal (remotely exploitable, medium urgency) CVE-2005-3247 ethereal (remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3247 tethereal (remotely exploitable, medium urgency) CVE-2005-3248 ethereal (remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3248 tethereal (remotely exploitable, medium urgency) CVE-2005-3249 ethereal (remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3249 tethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3651 tethereal (fixed, remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/008/sid0000644000000000000000000000374611004700541014154 0ustar xݙ[s8)֒|}IM c@O&iӯ|!H2̦)∟::::R> 7O2M3= l\ $[Ӈ $#}o(Yeִ]ZE4J} C۔"hӯ$1VKpF(8ɼH386Blۆ1ޮx&Xǫ,dY廡.f$_"p4=n.*@^dquBhⱔ)YE/O_Jyx5zB7$fQN`vӓq`.H~5E\9ɿrٛ=҄pcҎ=eVQ#gZ3$}HN-g>^+p K={C}$?$!E|Dl0 /5MW&uxc6q:IYorIVDtZ@6Y!>~,Ӿ1Fո!MCEgsLhBL 3B7+Dhj)?>]20\fM 31!.U رk)Z϶G-nN&Wf"ޖrg r@E@QNDN0OMK$rs6n8ɡ`"x'ay֩TáT X7qPɠumݴjmpt$M7<6Y!Lnpp^dHUb!ľ8 bHҢ+rlΝ77J T%RѕT8TriiQW T'}PQ]]\݆Ji\K[ EBze ThjB9$z= lKɓל{A80p+Xה s\݉s\A7H rl8m8l=d0uq)p2A|9UM?+J+ vGB5~oZ7jڝ [5SJ/X鍷o iteQ.O /oⷴJy嘭]^M>|$ZVLK jIw'M2/ʹTq`RhA|n7{ˌb4ۅHŌܥ9Dkz?m-\MA.LA ]F@'pKX;Eu,_mKk>O_;uGG1"vtUI%`WIrE_KW"9$"p̖XDku_Zg_Ɨ(K @X0j76G`Q ͋qG^NMsRL 48**߃mS =.(YA~-'Uc=+2=Oɸ+mV*5>d7LSV;/fYXlAeKfe1?,LdqGd _cSnrLǚ{f l.[nr&Wn&_0{Q{c)lX}4K19y-zvߕ==ak{8֧֧C}zyQ_پmk;K 0cs^jPK4./%xeE V,VU<͗] r]Ϳdebsecan-0.4.16+nmu1/testsuite/008/status0000644000000000000000000000450511004700541014712 0ustar Package: ethereal Status: install ok installed Priority: optional Section: net Installed-Size: 1264 Maintainer: Frederic Peters Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.10-2sarge2 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/008/history0000644000000000000000000000026011004700541015062 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, debsecan-0.4.16+nmu1/testsuite/004/0000755000000000000000000000000011571677120013453 5ustar debsecan-0.4.16+nmu1/testsuite/004/exp.summary0000644000000000000000000000015011004700541015643 0ustar CVE-2004-0175 openssh-client (remotely exploitable) CVE-2004-0175 openssh-server (remotely exploitable) debsecan-0.4.16+nmu1/testsuite/004/out.bugs0000644000000000000000000000001611571677120015141 0ustar CVE-2004-0175 debsecan-0.4.16+nmu1/testsuite/004/out.report0000644000000000000000000000041511571677120015517 0ustar Security report based on the sid release *** Vulnerabilities without updates CVE-2004-0175 Directory traversal vulnerability in scp for OpenSSH... - openssh-server, openssh-client (remotely exploitable) debsecan-0.4.16+nmu1/testsuite/004/exp.packages0000644000000000000000000000003611004700541015727 0ustar openssh-client openssh-server debsecan-0.4.16+nmu1/testsuite/004/exp.bugs0000644000000000000000000000001611004700541015107 0ustar CVE-2004-0175 debsecan-0.4.16+nmu1/testsuite/004/exp.report0000644000000000000000000000041511344746144015505 0ustar Security report based on the sid release *** Vulnerabilities without updates CVE-2004-0175 Directory traversal vulnerability in scp for OpenSSH... - openssh-server, openssh-client (remotely exploitable) debsecan-0.4.16+nmu1/testsuite/004/out.detail0000644000000000000000000000060011571677120015442 0ustar CVE-2004-0175 (remotely exploitable) Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ... installed: openssh-server 1:4.2p1-5 (built from openssh 1:4.2p1-5) CVE-2004-0175 (remotely exploitable) Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ... installed: openssh-client 1:4.2p1-5 (built from openssh 1:4.2p1-5) debsecan-0.4.16+nmu1/testsuite/004/exp.detail0000644000000000000000000000060011004700541015410 0ustar CVE-2004-0175 (remotely exploitable) Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ... installed: openssh-server 1:4.2p1-5 (built from openssh 1:4.2p1-5) CVE-2004-0175 (remotely exploitable) Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ... installed: openssh-client 1:4.2p1-5 (built from openssh 1:4.2p1-5) debsecan-0.4.16+nmu1/testsuite/004/out.packages0000644000000000000000000000003611571677120015761 0ustar openssh-client openssh-server debsecan-0.4.16+nmu1/testsuite/004/out.summary0000644000000000000000000000015011571677120015675 0ustar CVE-2004-0175 openssh-client (remotely exploitable) CVE-2004-0175 openssh-server (remotely exploitable) debsecan-0.4.16+nmu1/testsuite/004/sid0000644000000000000000000000022211004700541014132 0ustar xEA 0D9?@Rx-Bݧc7by3 40vjcLLIysIB! BDr#LX a܀ZT4R9x~H jH9~dǬn1=Q 9debsecan-0.4.16+nmu1/testsuite/004/status0000644000000000000000000000701011004700541014700 0ustar Package: openssh-server Status: install ok installed Priority: optional Section: net Installed-Size: 448 Maintainer: Matthew Vernon Architecture: i386 Source: openssh Version: 1:4.2p1-5 Replaces: ssh (<< 1:3.8.1p1-9), openssh-client (<< 1:3.8.1p1-11), ssh-krb5 Provides: ssh-server Depends: libc6 (>= 2.3.5-1), libcomerr2 (>= 1.33-3), libkrb53 (>= 1.3.2), libpam0g (>= 0.76), libselinux1 (>= 1.26), libssl0.9.8, libwrap0, zlib1g (>= 1:1.2.1), debconf (>= 1.2.0) | debconf-2.0, libpam-runtime (>= 0.76-14), libpam-modules (>= 0.72-9), adduser (>= 3.9), dpkg (>= 1.9.0), openssh-client (= 1:4.2p1-5) Suggests: ssh-askpass, xbase-clients, rssh Conflicts: ssh (<< 1:3.8.1p1-9), ssh-nonfree (<< 2), ssh-socks, ssh2, sftp, rsh-client (<< 0.16.1-1), ssh-krb5 Conffiles: /etc/init.d/ssh 60c7f78120c01b393255eb7619886d96 /etc/default/ssh 500e3cf069fe9a7b9936108eb9d9c035 /etc/pam.d/ssh 19d07aa0f645d6d50e55d989761d9afa Description: Secure shell server, an rshd replacement This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group. . Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. It is intended as a replacement for rlogin, rsh and rcp, and can be used to provide applications with a secure communication channel. . This package provides the sshd server. . -------------------------------------------------------------------- . In some countries it may be illegal to use any encryption at all without a special permit. Package: openssh-client Status: install ok installed Priority: standard Section: net Installed-Size: 1172 Maintainer: Matthew Vernon Architecture: i386 Source: openssh Version: 1:4.2p1-5 Replaces: ssh (<< 1:3.8.1p1-9), ssh-krb5 Provides: rsh-client, ssh-client Depends: libc6 (>= 2.3.5-1), libcomerr2 (>= 1.33-3), libedit2 (>= 2.5.cvs.20010821-1), libkrb53 (>= 1.3.2), libncurses5 (>= 5.4-5), libselinux1 (>= 1.26), libssl0.9.8, zlib1g (>= 1:1.2.1), debconf (>= 1.2.0) | debconf-2.0, adduser (>= 3.10), dpkg (>= 1.7.0) Suggests: ssh-askpass, xbase-clients Conflicts: ssh (<< 1:3.8.1p1-9), sftp, rsh-client (<< 0.16.1-1), ssh-krb5 Conffiles: /etc/ssh/ssh_config 790070e72fb5a4ce36b50a151a2882a6 /etc/ssh/moduli d93b0dd7a654a68e39361caff3f3061e Description: Secure shell client, an rlogin/rsh/rcp replacement This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group. . Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. It is intended as a replacement for rlogin, rsh and rcp, and can be used to provide applications with a secure communication channel. . This package provides the ssh, scp and sftp clients, the ssh-agent and ssh-add programs to make public key authentication more convenient, and the ssh-keygen, ssh-keyscan, ssh-copy-id and ssh-argv0 utilities. . -------------------------------------------------------------------- . In some countries it may be illegal to use any encryption at all without a special permit. debsecan-0.4.16+nmu1/testsuite/004/history0000644000000000000000000000011611004700541015056 0ustar VERSION 1 86400 CVE-2004-0175,openssh-client, CVE-2004-0175,openssh-server, debsecan-0.4.16+nmu1/testsuite/whitelist.out0000644000000000000000000000006511571677122015720 0ustar error: no matching whitelist entry for CAN-2006-9999 debsecan-0.4.16+nmu1/testsuite/edit-compressed0000644000000000000000000000063110601557775016170 0ustar #!/usr/bin/python import os import sys import tempfile import zlib input_name = sys.argv[1] data = zlib.decompress(file(input_name).read()) (tmp, tmp_name) = tempfile.mkstemp() try: tmp = file(tmp_name, "w") tmp.write(data) tmp.close() os.system("editor " + tmp_name) data = zlib.compress(file(tmp_name).read(), 9) file(input_name, "w+").write(data) finally: os.unlink(tmp_name) debsecan-0.4.16+nmu1/testsuite/show-compressed0000644000000000000000000000200010610443771016201 0ustar #!/usr/bin/python import sys import zlib import urllib2 from cStringIO import StringIO url_prefix = 'http://secure-testing.debian.net/debian-secure-testing/project/debsecan/release/1/' if len(sys.argv) <> 2: print "usage: %s SUITE" url = url_prefix + sys.argv[1] r = urllib2.Request(url) u = urllib2.urlopen(r) data = StringIO(zlib.decompress(u.read())) if data.readline() <> "VERSION 1\n": sys.stderr.write("error: server sends data in unknown format\n") sys.exit(1) vuln_names = [] for line in data: if line[-1:] == '\n': line = line[:-1] if line == '': break (name, flags, desc) = line.split(',', 2) vuln_names.append(name) for line in data: if line[-1:] == '\n': line = line[:-1] if line == '': break (package, vuln, rest) = line.split(',', 2) vuln = vuln_names[int(vuln)] print "%s,%s,%s" % (package, vuln, rest) for line in data: if line[-1:] == '\n': line = line[:-1] if line == '': break print line debsecan-0.4.16+nmu1/testsuite/011/0000755000000000000000000000000011571677121013452 5ustar debsecan-0.4.16+nmu1/testsuite/011/exp.summary0000644000000000000000000000613511004700541015652 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal2 (fixed, remotely exploitable, low urgency) CVE-2005-3245 ethereal2-common (fixed, remotely exploitable, low urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal2 (fixed, remotely exploitable, high urgency) CVE-2005-3246 ethereal2-common (fixed, remotely exploitable, high urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal2 (fixed, high urgency) CVE-2005-3247 ethereal2-common (fixed, high urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal2 (fixed, medium urgency) CVE-2005-3248 ethereal2-common (fixed, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal2 (fixed, remotely exploitable, low urgency) CVE-2005-3249 ethereal2-common (fixed, remotely exploitable, low urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/011/out.bugs0000644000000000000000000000025011571677121015140 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/011/out.report0000644000000000000000000000562311571677121015524 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) - ethereal2, ethereal2-common (remotely exploitable, low urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal2, ethereal2-common (remotely exploitable, high urgency) - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal2, ethereal2-common (high urgency) - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) - ethereal2, ethereal2-common (medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) - ethereal2, ethereal2-common (remotely exploitable, low urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/011/exp.packages0000644000000000000000000000007611004700541015731 0ustar ethereal ethereal-common ethereal2 ethereal2-common tethereal debsecan-0.4.16+nmu1/testsuite/011/exp.bugs0000644000000000000000000000025011004700541015105 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/011/exp.report0000644000000000000000000000562311344746144015511 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) - ethereal2, ethereal2-common (remotely exploitable, low urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal2, ethereal2-common (remotely exploitable, high urgency) - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal2, ethereal2-common (high urgency) - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) - ethereal2, ethereal2-common (medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) - ethereal2, ethereal2-common (remotely exploitable, low urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/011/out.detail0000644000000000000000000003361011571677121015450 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3245 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, high urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, high urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, high urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, high urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/011/exp.detail0000644000000000000000000003361011004700541015415 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3245 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, high urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, high urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal2 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, high urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, high urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, low urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal2-common 0.10.12-6 (built from ethereal2 0.10.12-6) fixed in unstable: ethereal2 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/011/out.packages0000644000000000000000000000007611571677121015764 0ustar ethereal ethereal-common ethereal2 ethereal2-common tethereal debsecan-0.4.16+nmu1/testsuite/011/out.summary0000644000000000000000000000613511571677121015705 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal2 (fixed, remotely exploitable, low urgency) CVE-2005-3245 ethereal2-common (fixed, remotely exploitable, low urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal2 (fixed, remotely exploitable, high urgency) CVE-2005-3246 ethereal2-common (fixed, remotely exploitable, high urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal2 (fixed, high urgency) CVE-2005-3247 ethereal2-common (fixed, high urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal2 (fixed, medium urgency) CVE-2005-3248 ethereal2-common (fixed, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal2 (fixed, remotely exploitable, low urgency) CVE-2005-3249 ethereal2-common (fixed, remotely exploitable, low urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/011/sid0000644000000000000000000000360711004700541014142 0ustar x͙r6y : EǦ[%fP$s"*Iu )Y(6Yd"qp;?wA&qY,H'/Vs x̾߷@UB+Z 1+ 2}%y>FmJY)'0'iB \lWz'0'EAfe)9b6fU&,i"Yd$ϳع OlD#0izt>dc\̓t 64Y%K%i]^;6FB7k{Ӹ s0=(B0g"lM_zYJ8 i=eVS#gZ3O4{NAz LgBoA- )@fCTP@˧dIILLؤ2R~PY";JsF2XٚC>%NN$ulk,]: cB|]H&ÔJ(}ZJ a,2 עn S1! X۴avZQ$Jfm݄|8nDq%{e\]19E1Iѐqc@4R^5]ˇ<, !u;0U)\Wv"s5^߇*1PJ+ufMҝynaw“Ǡ p=ws'X9W$U-P ByUk';+[$pdSpDUǺ\p/J. u7sR>WzUSb;6 lA猃v!͓DW8/yFw亨HMxȲf(ɮ647<>3aGTۗ"$Q 5z\7I# t$TAn4bSFg"zRȵ:-_F7R TB?à[I G O2$%yo>|r7iR=hN(|RJ~ \d4?`Jy)RJ[nCU.&ӌ *վIX&dzUz\w6,&.? C5 %nIw ӓM!`{/je+%wydǦ.l?P쮛Y^L$sRZB5iDQlhovzWD|E+Ffs%+\J^5ޫzlw,:Y?O3g~N8P'JKTR% #t(aL(5O+p};]}g>kBG̀d,3X>a~،>7@M` `f`(7! Md 㺉Xlȡ{6_ubr6NXXa[Kհ5jaP[ik`m mLmmLmG[CS[SF/u- Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal2 Status: install ok installed Priority: optional Section: net Installed-Size: 1264 Maintainer: Frederic Peters Architecture: i386 Version: 0.10.12-6 Recommends: gksu Description: network traffic analyzer Package: ethereal2-common Status: install ok installed Priority: optional Source: ethereal2 Section: net Installed-Size: 1264 Maintainer: Frederic Peters Architecture: i386 Version: 0.10.12-6 Recommends: gksu Description: network traffic analyzer Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/011/history0000644000000000000000000000026011004700541015054 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, debsecan-0.4.16+nmu1/testsuite/001/0000755000000000000000000000000011571677117013456 5ustar debsecan-0.4.16+nmu1/testsuite/001/exp.summary0000644000000000000000000000475211004700541015654 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/001/out.bugs0000644000000000000000000000025011571677117015144 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/001/out.report0000644000000000000000000000514611571677117015530 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/001/exp.packages0000644000000000000000000000004311004700541015722 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/001/exp.bugs0000644000000000000000000000025011004700541015104 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/001/exp.report0000644000000000000000000000514611344746144015510 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/001/out.detail0000644000000000000000000002547311571677117015464 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/001/exp.detail0000644000000000000000000002547311004700541015424 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/001/out.packages0000644000000000000000000000004311571677117015762 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/001/out.summary0000644000000000000000000000475211571677117015714 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/001/sid0000644000000000000000000000356011004700541014137 0ustar x͙[s8)֒|}I ƀ M_ن Hr(CGnGʧm4&4!D=C0.6AH*{*@AyOr9 qJhxE+n /Ӻ1F]#j9dW:Єh;F0%tJf쬖qCc؅- õn㲛T} y}+iğB<6-nh}nYk7a83t\K|DWzLF@~LR4dXo#GTWM>6cB}ݎ; n!De +]&nBv%RɕTT N`Ӽc7S0R;cPS]|K[ ٫tS*VP{`!Hz lCɓl╏-C8y)|c]S.֗Tqp%qpw{Uxn))nx6O?;koؚǗsU'o v4]pENiHm:ɚl%?ij|v|B,Plq7́Xl U43p>koMmht_Q/C /o򷬊JOWhkIQH6iIX-y&խLXaFí`47`-0=/ forxY ANE*f.7v\;+y ln)lnUsA@Q;ߑIKƗ3aGTۗ"$Q 5z\7-I# t$TAn4bSFg"zRȵ:7-/kTxvPn! aЭ vl܏]fG^M_(YA~j:"Rtqۇdy_n`4#lBJpo9V,Y$d~xn^bEݾ$ O1}P :BuwR$dӼv AZgJ]^d)ٱ颋*fVG<E򭆾yy4ܾ3?RS͟7CN /bhqElp%+y\߫{^%3{C'{uB2 W_ItJQ* D!>aS5 TBOZӣtU`pWVgrMH="h̀e1'ȑ\L!r̸8 &$7aɒlt\7a 94y拶Z,S†x +l`+|IFߕ5\-u5lS[jk m hkhcjkcjӘ^he%ytK(dlh*>utKttGǵtٖ|x /6aRlQm? e+v?Go= Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/001/history0000644000000000000000000000026011004700541015053 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, debsecan-0.4.16+nmu1/testsuite/filter-compressed0000644000000000000000000000276110601557775016536 0ustar #!/usr/bin/python import cStringIO import re import sys import zlib if sys.argv[1] == '-n': no_compress = True del sys.argv[1] else: no_compress = False re_filter = re.compile(sys.argv[1]) data = cStringIO.StringIO(zlib.decompress(sys.stdin.read())) line = data.readline() assert line == 'VERSION 1\n' bug_list = [] bugs = {} for line in data: assert line[-1] == '\n' line = line[:-1] if line: (name, flags, desc) = line.split(',', 2) bug_list.append(name) bugs[name] = desc else: break copied_bugs = [] copied_bugs_index = {} result_main = [] for line in data: assert line[-1] == '\n' line = line[:-1] if line: line = line.split(',') bug_name = line[1] = bug_list[int(line[1])] line_combined = ','.join(line) if re_filter.match(line_combined): if copied_bugs_index.has_key(bug_name): line[1] = str(copied_bugs_index[bug_name]) else: number = len(copied_bugs) copied_bugs.append("%s,,%s\n" % (bug_name, bugs[bug_name])) copied_bugs_index[bug_name] = number line[1] = str(number) line = ','.join(line) + '\n' result_main.append(line) else: break result = ['VERSION 1\n'] + copied_bugs + ['\n'] + result_main + ['\n'] for line in data: result.append(line) result = ''.join(result) if not no_compress: result = zlib.compress(result, 9) sys.stdout.write(result) debsecan-0.4.16+nmu1/testsuite/007/0000755000000000000000000000000011571677120013456 5ustar debsecan-0.4.16+nmu1/testsuite/007/exp.summary0000644000000000000000000000475211004700541015662 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/007/out.bugs0000644000000000000000000000025011571677120015144 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/007/out.report0000644000000000000000000000514611571677120015530 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/007/exp.packages0000644000000000000000000000004311004700541015730 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/007/exp.bugs0000644000000000000000000000025011004700541015112 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/007/exp.report0000644000000000000000000000514611344746144015516 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/007/out.detail0000644000000000000000000002547311571677120015464 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/007/exp.detail0000644000000000000000000002547311004700541015432 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/007/out.packages0000644000000000000000000000004311571677120015762 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/007/out.summary0000644000000000000000000000475211571677120015714 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/007/sid0000644000000000000000000000353611004700541014150 0ustar x͙Ms68uJ%~NV5̚$HD&UlЊ䐉} 6ތ< > z4Q4bAr=|ʞ `Pޓ+`tH.^F 'YI@\+ 902 hS MA_9IVKpzhyRdVf9XSq!mmVe^ ,ɒ)eJ)) @<ˋWW!㉍u03Mۻ,KPy.f<&|$+V+ע?٢V(\h4.LGz|w=̲9iٯȃ@7[,z^NvBsB٨TwϨ c5͞vP_0_gPcid7PA- )@fCXP@dIILLؤ2R~PY"+{eL}5 γ5WφwI}ٝN$cl[tɮ.:Єh;F0%4Y %BovVKɸ!1–EZtqEaކ>ĕw!k7l=~JKʂɬ͵0GlL;3{qMth $EC u6xJezt-lo8J,׭FrKDZ&2!Dvi|w@+u"*+M뎗܄* O&u͝HncXRn^VZ@*$DuUlCɓ,╏-C8y)zjc]S.֗Tqp%qp_6]_ o'oyNm uv.wK?ױ5/w.{vhŻ*yr4/ד5J~ga pNhM^N'w(N$=h3p>kϧ茖6]BoCB¨qח! /o򷬊JUOWh޽? ǒځ6ɟ|1mra;BZGzUSb;6 lA挃v̓DWW8/uFw`^g&ȲV ɮ6whnA%y}gŽ*/E !)(j"$ieo$[F2pAZAuI"hĖXD,ku_ oZ_FJ qT]"/ a;6{GpoQBR-&II&)'%W}^&M O]DEN#%Fd!Yޗ["jj?>\tk2K qXGguw#2hhLp;TPv~24-/۠YR2pYJvltQeS@r̊b'|HГIӈ;l hgvzoG?Z#om6pO.qON5ީzlw,:Z?3g~y8PGJ)r,MLB| jJ @GW u~g3'x Hf2#kM Pfav|N rdM`:0wOaE[G-)ZPaC턅6Kq$\ [ۢi[m-ֶv-11iL_[42֒S Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/007/history0000644000000000000000000000026011004700541015061 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, debsecan-0.4.16+nmu1/testsuite/002/0000755000000000000000000000000011571677117013457 5ustar debsecan-0.4.16+nmu1/testsuite/002/exp.summary0000644000000000000000000000475211004700541015655 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/002/out.bugs0000644000000000000000000000025011571677120015137 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/002/out.report0000644000000000000000000000515411571677120015522 0ustar Security report based on the sid release *** Available security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/002/exp.packages0000644000000000000000000000004311004700541015723 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/002/exp.bugs0000644000000000000000000000025011004700541015105 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/002/exp.report0000644000000000000000000000515411344746144015510 0ustar Security report based on the sid release *** Available security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/002/out.detail0000644000000000000000000002547311571677120015457 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/002/exp.detail0000644000000000000000000002547311004700541015425 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/002/out.packages0000644000000000000000000000004311571677117015763 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/002/out.summary0000644000000000000000000000475211571677117015715 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3184 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/002/sid0000644000000000000000000000356011004700541014140 0ustar x͙[s8)֒|}I ƀ M_ن Hr(CGnGʧm4&4!D=C0.6AH*{*@AyOr9 qJhxE+n /Ӻ1F]#j9dW:Єh;F0%tJf쬖qCc؅- õn㲛T} y}+iğB<6-nh}nYk7a83t\K|DWzLF@~LR4dXo#GTWM>6cB}ݎ; n!De +]&nBv%RɕTT N`Ӽc7S0R;cPS]|K[ ٫tS*VP{`!Hz lCɓl╏-C8y)|c]S.֗Tqp%qpw{Uxn))nx6O?;koؚǗsU'o v4]pENiHm:ɚl%?ij|v|B,Plq7́Xl U43p>koMmht_Q/C /o򷬊JOWhkIQH6iIX-y&խLXaFí`47`-0=/ forxY ANE*f.7v\;+y ln)lnUsA@Q;ߑIKƗ3aGTۗ"$Q 5z\7-I# t$TAn4bSFg"zRȵ:7-/kTxvPn! aЭ vl܏]fG^M_(YA~j:"Rtqۇdy_n`4#lBJpo9V,Y$d~xn^bEݾ$ O1}P :BuwR$dӼv AZgJ]^d)ٱ颋*fVG<E򭆾yy4ܾ3?RS͟7CN /bhqElp%+y\߫{^%3{C'{uB2 W_ItJQ* D!>aS5 TBOZӣtU`pWVgrMH="h̀e1'ȑ\L!r̸8 &$7aɒlt\7a 94y拶Z,S†x +l`+|IFߕ5\-u5lS[jk m hkhcjkcjӘ^he%ytK(dlh*>utKttGǵtٖ|x /6aRlQm? e+v?Go= Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/002/history0000644000000000000000000000175611004700541015067 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3184,ethereal,F CVE-2005-3241,ethereal,F CVE-2005-3242,ethereal,F CVE-2005-3243,ethereal,F CVE-2005-3244,ethereal,F CVE-2005-3245,ethereal,F CVE-2005-3246,ethereal,F CVE-2005-3247,ethereal,F CVE-2005-3248,ethereal,F CVE-2005-3249,ethereal,F CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3184,tethereal,F CVE-2005-3241,tethereal,F CVE-2005-3242,tethereal,F CVE-2005-3243,tethereal,F CVE-2005-3244,tethereal,F CVE-2005-3245,tethereal,F CVE-2005-3246,tethereal,F CVE-2005-3247,tethereal,F CVE-2005-3248,tethereal,F CVE-2005-3249,tethereal,F CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, CVE-2005-3184,ethereal-common,F CVE-2005-3241,ethereal-common,F CVE-2005-3242,ethereal-common,F CVE-2005-3243,ethereal-common,F CVE-2005-3244,ethereal-common,F CVE-2005-3245,ethereal-common,F CVE-2005-3246,ethereal-common,F CVE-2005-3247,ethereal-common,F CVE-2005-3248,ethereal-common,F CVE-2005-3249,ethereal-common,F debsecan-0.4.16+nmu1/testsuite/013/0000755000000000000000000000000011571677121013454 5ustar debsecan-0.4.16+nmu1/testsuite/013/exp.summary0000644000000000000000000000421711004700541015653 0ustar CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/013/out.bugs0000644000000000000000000000023211571677122015143 0ustar CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/013/out.report0000644000000000000000000000471111571677122015524 0ustar Security report based on the sid release *** New security updates CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common (remotely exploitable, medium urgency) Note that some vulnerablities have been whitelisted and are not included in this report. debsecan-0.4.16+nmu1/testsuite/013/whitelist0000644000000000000000000000011011004700541015363 0ustar VERSION 0 CVE-2005-3184, CVE-2005-3241,ethereal CVE-2005-3651,tethereal debsecan-0.4.16+nmu1/testsuite/013/exp.packages0000644000000000000000000000004311004700541015725 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/013/exp.bugs0000644000000000000000000000023211004700541015107 0ustar CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/013/exp.report0000644000000000000000000000471111344746144015510 0ustar Security report based on the sid release *** New security updates CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common (remotely exploitable, medium urgency) Note that some vulnerablities have been whitelisted and are not included in this report. debsecan-0.4.16+nmu1/testsuite/013/out.detail0000644000000000000000000002245711571677122015462 0ustar CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) debsecan-0.4.16+nmu1/testsuite/013/exp.detail0000644000000000000000000002245711004700541015426 0ustar CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10.12-6) debsecan-0.4.16+nmu1/testsuite/013/out.packages0000644000000000000000000000004311571677121015760 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/013/out.summary0000644000000000000000000000421711571677121015706 0ustar CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 tethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/013/sid0000644000000000000000000000356011004700541014142 0ustar x͙[s8)֒|}I ƀ M_ن Hr(CGnGʧm4&4!D=C0.6AH*{*@AyOr9 qJhxE+n /Ӻ1F]#j9dW:Єh;F0%tJf쬖qCc؅- õn㲛T} y}+iğB<6-nh}nYk7a83t\K|DWzLF@~LR4dXo#GTWM>6cB}ݎ; n!De +]&nBv%RɕTT N`Ӽc7S0R;cPS]|K[ ٫tS*VP{`!Hz lCɓl╏-C8y)|c]S.֗Tqp%qpw{Uxn))nx6O?;koؚǗsU'o v4]pENiHm:ɚl%?ij|v|B,Plq7́Xl U43p>koMmht_Q/C /o򷬊JOWhkIQH6iIX-y&խLXaFí`47`-0=/ forxY ANE*f.7v\;+y ln)lnUsA@Q;ߑIKƗ3aGTۗ"$Q 5z\7-I# t$TAn4bSFg"zRȵ:7-/kTxvPn! aЭ vl܏]fG^M_(YA~j:"Rtqۇdy_n`4#lBJpo9V,Y$d~xn^bEݾ$ O1}P :BuwR$dӼv AZgJ]^d)ٱ颋*fVG<E򭆾yy4ܾ3?RS͟7CN /bhqElp%+y\߫{^%3{C'{uB2 W_ItJQ* D!>aS5 TBOZӣtU`pWVgrMH="h̀e1'ȑ\L!r̸8 &$7aɒlt\7a 94y拶Z,S†x +l`+|IFߕ5\-u5lS[jk m hkhcjkcjӘ^he%ytK(dlh*>utKttGǵtٖ|x /6aRlQm? e+v?Go= Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/013/history0000644000000000000000000000026011004700541015056 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, debsecan-0.4.16+nmu1/testsuite/run.sh0000644000000000000000000000603510601557775014322 0ustar #!/bin/bash set -e export LC_ALL=C url="file://$(pwd)" debsecan="python ../src/debsecan" # Check that python-apt is installed. python -c "import apt_pkg" for testcase in [0-9][0-9][0-9] ; do for format in summary packages bugs detail report ; do for suite in sid ; do if test -e $testcase/$suite ; then if test -e $testcase/options ; then options="$(cat $testcase/options)" else options="" fi if test -e $testcase/whitelist ; then options="$options --whitelist $testcase/whitelist" else options="$options --whitelist ''" fi if $debsecan $options \ --config /dev/null \ --suite $suite \ --source "$url/$testcase" \ --history $testcase/history \ --status $testcase/status \ --format $format > $testcase/out.$format 2>&1 ; then if test $format = summary ; then sort $testcase/out.$format > $testcase/out.$format.1 mv $testcase/out.$format.1 $testcase/out.$format fi diff -u $testcase/exp.$format $testcase/out.$format else echo "FAIL: debsecan failed. Output follows:" cat $testcase/out.$format exit 1 fi fi done done done # Test the whitelist editing functionality. rm -f whitelist.test $debsecan --whitelist whitelist.test --add-whitelist CAN-2006-0001 cat > whitelist.exp < whitelist.exp < whitelist.exp < whitelist.exp < whitelist.out cat > whitelist.exp <whitelist.out ; then echo "FAILURE: --remove-whitelist on unknown package" exit 1 else cat > whitelist.exp <whitelist.out ; then echo "FAILURE: --remove-whitelist on unknown bug" exit 1 else cat > whitelist.exp < whitelist.exp <n /Ӻ1F]#j9dW:Єh;F0%tJf쬖qCc؅- õn㲛T} y}+iğB<6-nh}nYk7a83t\K|DWzLF@~LR4dXo#GTWM>6cB}ݎ; n!De +]&nBv%RɕTT N`Ӽc7S0R;cPS]|K[ ٫tS*VP{`!Hz lCɓl╏-C8y)|c]S.֗Tqp%qpw{Uxn))nx6O?;koؚǗsU'o v4]pENiHm:ɚl%?ij|v|B,Plq7́Xl U43p>koMmht_Q/C /o򷬊JOWhkIQH6iIX-y&խLXaFí`47`-0=/ forxY ANE*f.7v\;+y ln)lnUsA@Q;ߑIKƗ3aGTۗ"$Q 5z\7-I# t$TAn4bSFg"zRȵ:7-/kTxvPn! aЭ vl܏]fG^M_(YA~j:"Rtqۇdy_n`4#lBJpo9V,Y$d~xn^bEݾ$ O1}P :BuwR$dӼv AZgJ]^d)ٱ颋*fVG<E򭆾yy4ܾ3?RS͟7CN /bhqElp%+y\߫{^%3{C'{uB2 W_ItJQ* D!>aS5 TBOZӣtU`pWVgrMH="h̀e1'ȑ\L!r̸8 &$7aɒlt\7a 94y拶Z,S†x +l`+|IFߕ5\-u5lS[jk m hkhcjkcjӘ^he%ytK(dlh*>utKttGǵtٖ|x /6aRlQm? e+v?Go= Architecture: i386 Source: boost Version: 1.33.0-5 Replaces: libboost-test1.33.0 Depends: libc6 (>= 2.3.5-1), libgcc1 (>= 1:4.0.2), libstdc++6 (>= 4.0.2-4) Conflicts: libboost-test1.33.0 Description: components for writing and executing test suites debsecan-0.4.16+nmu1/testsuite/009/history0000644000000000000000000000002011004700541015055 0ustar VERSION 1 86400 debsecan-0.4.16+nmu1/testsuite/010/0000755000000000000000000000000011571677121013451 5ustar debsecan-0.4.16+nmu1/testsuite/010/exp.summary0000644000000000000000000000015011004700541015640 0ustar CVE-2005-0034 bind9 (fixed, remotely exploitable) CVE-2005-0064 pdftohtml (fixed, remotely exploitable) debsecan-0.4.16+nmu1/testsuite/010/out.bugs0000644000000000000000000000003411571677121015137 0ustar CVE-2005-0034 CVE-2005-0064 debsecan-0.4.16+nmu1/testsuite/010/options0000644000000000000000000000001611004700541015044 0ustar --no-obsolete debsecan-0.4.16+nmu1/testsuite/010/out.report0000644000000000000000000000061411571677121015516 0ustar Security report based on the sid release *** Available security updates CVE-2005-0034 An "incorrect assumption" in the... - bind9 (remotely exploitable) CVE-2005-0064 Buffer overflow in the Decrypt::makeFileKey2 function - pdftohtml (remotely exploitable) debsecan-0.4.16+nmu1/testsuite/010/exp.packages0000644000000000000000000000002011004700541015715 0ustar bind9 pdftohtml debsecan-0.4.16+nmu1/testsuite/010/exp.bugs0000644000000000000000000000003411004700541015104 0ustar CVE-2005-0034 CVE-2005-0064 debsecan-0.4.16+nmu1/testsuite/010/exp.report0000644000000000000000000000061411344746144015503 0ustar Security report based on the sid release *** Available security updates CVE-2005-0034 An "incorrect assumption" in the... - bind9 (remotely exploitable) CVE-2005-0064 Buffer overflow in the Decrypt::makeFileKey2 function - pdftohtml (remotely exploitable) debsecan-0.4.16+nmu1/testsuite/010/out.detail0000644000000000000000000000136711571677121015453 0ustar CVE-2005-0034 (fixed, remotely exploitable) An "incorrect assumption" in the authvalidated validator function in ... installed: bind9 1:9.3.0-1 (built from bind9 1:9.3.0-1) fixed in unstable: bind9 1:9.3.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.2 (source package) fixed on branch: bind9 1:9.2.4-1 (source package) fix is available for the selected suite (sid) CVE-2005-0064 (fixed, remotely exploitable) Buffer overflow in the Decrypt::makeFileKey2 function installed: pdftohtml 0.36-10 (built from pdftohtml 0.36-10) fixed in unstable: pdftohtml 0.36-11 (source package) fix is available for the selected suite (sid) debsecan-0.4.16+nmu1/testsuite/010/exp.detail0000644000000000000000000000136711004700541015420 0ustar CVE-2005-0034 (fixed, remotely exploitable) An "incorrect assumption" in the authvalidated validator function in ... installed: bind9 1:9.3.0-1 (built from bind9 1:9.3.0-1) fixed in unstable: bind9 1:9.3.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.2 (source package) fixed on branch: bind9 1:9.2.4-1 (source package) fix is available for the selected suite (sid) CVE-2005-0064 (fixed, remotely exploitable) Buffer overflow in the Decrypt::makeFileKey2 function installed: pdftohtml 0.36-10 (built from pdftohtml 0.36-10) fixed in unstable: pdftohtml 0.36-11 (source package) fix is available for the selected suite (sid) debsecan-0.4.16+nmu1/testsuite/010/out.packages0000644000000000000000000000002011571677121015750 0ustar bind9 pdftohtml debsecan-0.4.16+nmu1/testsuite/010/out.summary0000644000000000000000000000015011571677121015673 0ustar CVE-2005-0034 bind9 (fixed, remotely exploitable) CVE-2005-0064 pdftohtml (fixed, remotely exploitable) debsecan-0.4.16+nmu1/testsuite/010/sid0000644000000000000000000000040311004700541014130 0ustar xmKo0>d[CJ q~4V;#Q} B/3vggwyB{DHт⃶y/yUivڂXKPXwѢR*Y>))%=pʸ"XM%79߮,k+ Hl֐1=:1;'L|¦Ѭ*:6S Q G.K6M "3<\kЁ3ܒ34Fe?Udebsecan-0.4.16+nmu1/testsuite/010/status0000644000000000000000000000312211004700541014675 0ustar Package: libisc7 Status: install ok installed Priority: standard Section: libs Installed-Size: 332 Maintainer: LaMont Jones Architecture: i386 Source: bind9 Version: 1:9.3.0-1 Replaces: libbind0 Depends: libc6 (>= 2.3.2.ds1-4) Conflicts: libbind0 Description: ISC Shared Library used by BIND The Berkeley Internet Name Domain (BIND) implements an Internet domain name server. BIND is the most widely-used name server software on the Internet, and is supported by the Internet Software Consortium, www.isc.org. . This package delivers the libisc shared library used by BIND's daemons and clients. Package: bind9 Status: install ok installed Priority: optional Section: net Installed-Size: 616 Maintainer: LaMont Jones Architecture: i386 Version: 1:9.3.0-1 Replaces: bind, dnsutils (<< 1:9.1.0-3) Depends: libbind9-0, libc6 (>= 2.3.5-1), libdns20, libisc9, libisccc0, libisccfg1, liblwres1, libssl0.9.8, netbase, adduser, libdns20 (= 1:9.3.1-2.0.1), libisccfg1 (= 1:9.3.1-2.0.1), libisc9 (= 1:9.3.1-2.0.1), libisccc0 (= 1:9.3.1-2.0.1) Suggests: dnsutils, bind9-doc Description: Internet Domain Name Server Package: pdftohtml Status: install ok installed Priority: optional Section: text Installed-Size: 696 Maintainer: Frederic Peters Architecture: i386 Version: 0.36-10 Depends: libc6 (>= 2.3.2.ds1-4), libgcc1 (>= 1:3.4.1-3), libstdc++5 (>= 1:3.3.4-1), gs Recommends: xpdf-common Filename: pool/main/p/pdftohtml/pdftohtml_0.36-11_i386.deb Size: 253142 MD5sum: 6db7eb4ac43616f355cf2ad8fc935865 Description: Translates pdf documents into html format debsecan-0.4.16+nmu1/testsuite/010/history0000644000000000000000000000012211004700541015050 0ustar VERSION 0 CVE-2005-0034,libisc7,F CVE-2005-0034,bind9,F CVE-2005-0064,pdftohtml,F debsecan-0.4.16+nmu1/testsuite/003/0000755000000000000000000000000011571677120013452 5ustar debsecan-0.4.16+nmu1/testsuite/003/exp.summary0000644000000000000000000000060411004700541015646 0ustar CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/003/out.bugs0000644000000000000000000000003411571677120015140 0ustar CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/003/out.report0000644000000000000000000000332711571677120015523 0ustar Security report based on the sid release *** Fixed vulnerabilities CVE-2005-3184 - ethereal - ethereal-common - tethereal CVE-2005-3241 - ethereal - ethereal-common - tethereal CVE-2005-3242 - ethereal - ethereal-common - tethereal CVE-2005-3243 - ethereal - ethereal-common - tethereal CVE-2005-3244 - ethereal - ethereal-common - tethereal CVE-2005-3245 - ethereal - ethereal-common - tethereal CVE-2005-3246 - ethereal - ethereal-common - tethereal CVE-2005-3247 - ethereal - ethereal-common - tethereal CVE-2005-3248 - ethereal - ethereal-common - tethereal CVE-2005-3249 - ethereal - ethereal-common - tethereal *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/003/exp.packages0000644000000000000000000000004311004700541015724 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/003/exp.bugs0000644000000000000000000000003411004700541015106 0ustar CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/003/exp.report0000644000000000000000000000332711344746144015511 0ustar Security report based on the sid release *** Fixed vulnerabilities CVE-2005-3184 - ethereal - ethereal-common - tethereal CVE-2005-3241 - ethereal - ethereal-common - tethereal CVE-2005-3242 - ethereal - ethereal-common - tethereal CVE-2005-3243 - ethereal - ethereal-common - tethereal CVE-2005-3244 - ethereal - ethereal-common - tethereal CVE-2005-3245 - ethereal - ethereal-common - tethereal CVE-2005-3246 - ethereal - ethereal-common - tethereal CVE-2005-3247 - ethereal - ethereal-common - tethereal CVE-2005-3248 - ethereal - ethereal-common - tethereal CVE-2005-3249 - ethereal - ethereal-common - tethereal *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/003/out.detail0000644000000000000000000000263611571677120015454 0ustar CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.13-1 (built from ethereal 0.10.13-1) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.13-1 (built from ethereal 0.10.13-1) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.13-1 (built from ethereal 0.10.13-1) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.13-1 (built from ethereal 0.10.13-1) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.13-1 (built from ethereal 0.10.13-1) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.13-1 (built from ethereal 0.10.13-1) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/003/exp.detail0000644000000000000000000000263611004700541015422 0ustar CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.13-1 (built from ethereal 0.10.13-1) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.13-1 (built from ethereal 0.10.13-1) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.13-1 (built from ethereal 0.10.13-1) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.13-1 (built from ethereal 0.10.13-1) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.13-1 (built from ethereal 0.10.13-1) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.13-1 (built from ethereal 0.10.13-1) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/003/out.packages0000644000000000000000000000004311571677120015756 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/003/out.summary0000644000000000000000000000060411571677120015700 0ustar CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/003/sid0000644000000000000000000000356011004700541014141 0ustar x͙[s8)֒|}I ƀ M_ن Hr(CGnGʧm4&4!D=C0.6AH*{*@AyOr9 qJhxE+n /Ӻ1F]#j9dW:Єh;F0%tJf쬖qCc؅- õn㲛T} y}+iğB<6-nh}nYk7a83t\K|DWzLF@~LR4dXo#GTWM>6cB}ݎ; n!De +]&nBv%RɕTT N`Ӽc7S0R;cPS]|K[ ٫tS*VP{`!Hz lCɓl╏-C8y)|c]S.֗Tqp%qpw{Uxn))nx6O?;koؚǗsU'o v4]pENiHm:ɚl%?ij|v|B,Plq7́Xl U43p>koMmht_Q/C /o򷬊JOWhkIQH6iIX-y&խLXaFí`47`-0=/ forxY ANE*f.7v\;+y ln)lnUsA@Q;ߑIKƗ3aGTۗ"$Q 5z\7-I# t$TAn4bSFg"zRȵ:7-/kTxvPn! aЭ vl܏]fG^M_(YA~j:"Rtqۇdy_n`4#lBJpo9V,Y$d~xn^bEݾ$ O1}P :BuwR$dӼv AZgJ]^d)ٱ颋*fVG<E򭆾yy4ܾ3?RS͟7CN /bhqElp%+y\߫{^%3{C'{uB2 W_ItJQ* D!>aS5 TBOZӣtU`pWVgrMH="h̀e1'ȑ\L!r̸8 &$7aɒlt\7a 94y拶Z,S†x +l`+|IFߕ5\-u5lS[jk m hkhcjkcjӘ^he%ytK(dlh*>utKttGǵtٖ|x /6aRlQm? e+v?Go= Architecture: i386 Version: 0.10.13-1 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.13-1) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20960 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.13-1 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 244 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.13-1 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.13-1) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". debsecan-0.4.16+nmu1/testsuite/003/history0000644000000000000000000000175611004700541015070 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3184,ethereal,F CVE-2005-3241,ethereal,F CVE-2005-3242,ethereal,F CVE-2005-3243,ethereal,F CVE-2005-3244,ethereal,F CVE-2005-3245,ethereal,F CVE-2005-3246,ethereal,F CVE-2005-3247,ethereal,F CVE-2005-3248,ethereal,F CVE-2005-3249,ethereal,F CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3184,tethereal,F CVE-2005-3241,tethereal,F CVE-2005-3242,tethereal,F CVE-2005-3243,tethereal,F CVE-2005-3244,tethereal,F CVE-2005-3245,tethereal,F CVE-2005-3246,tethereal,F CVE-2005-3247,tethereal,F CVE-2005-3248,tethereal,F CVE-2005-3249,tethereal,F CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common, CVE-2005-3184,ethereal-common,F CVE-2005-3241,ethereal-common,F CVE-2005-3242,ethereal-common,F CVE-2005-3243,ethereal-common,F CVE-2005-3244,ethereal-common,F CVE-2005-3245,ethereal-common,F CVE-2005-3246,ethereal-common,F CVE-2005-3247,ethereal-common,F CVE-2005-3248,ethereal-common,F CVE-2005-3249,ethereal-common,F debsecan-0.4.16+nmu1/testsuite/005/0000755000000000000000000000000011571677120013454 5ustar debsecan-0.4.16+nmu1/testsuite/005/exp.summary0000644000000000000000000000024611004700541015652 0ustar CVE-2005-0034 bind9 (fixed, remotely exploitable) CVE-2005-0034 libisc7 (fixed, remotely exploitable, obsolete) CVE-2005-0064 pdftohtml (fixed, remotely exploitable) debsecan-0.4.16+nmu1/testsuite/005/out.bugs0000644000000000000000000000003411571677120015142 0ustar CVE-2005-0034 CVE-2005-0064 debsecan-0.4.16+nmu1/testsuite/005/out.report0000644000000000000000000000120211571677120015513 0ustar Security report based on the sid release *** Available security updates CVE-2005-0034 An "incorrect assumption" in the... - bind9 (remotely exploitable) - libisc7 (remotely exploitable, obsolete) CVE-2005-0064 Buffer overflow in the Decrypt::makeFileKey2 function - pdftohtml (remotely exploitable) Note that some packages were marked as obsolete. To deal with the vulnerabilities in them, you need to remove them. Before you can do this, you may have to upgrade other packages depending on them. debsecan-0.4.16+nmu1/testsuite/005/exp.packages0000644000000000000000000000003011004700541015722 0ustar bind9 libisc7 pdftohtml debsecan-0.4.16+nmu1/testsuite/005/exp.bugs0000644000000000000000000000003411004700541015110 0ustar CVE-2005-0034 CVE-2005-0064 debsecan-0.4.16+nmu1/testsuite/005/exp.report0000644000000000000000000000120211344746144015501 0ustar Security report based on the sid release *** Available security updates CVE-2005-0034 An "incorrect assumption" in the... - bind9 (remotely exploitable) - libisc7 (remotely exploitable, obsolete) CVE-2005-0064 Buffer overflow in the Decrypt::makeFileKey2 function - pdftohtml (remotely exploitable) Note that some packages were marked as obsolete. To deal with the vulnerabilities in them, you need to remove them. Before you can do this, you may have to upgrade other packages depending on them. debsecan-0.4.16+nmu1/testsuite/005/out.detail0000644000000000000000000000237111571677120015452 0ustar CVE-2005-0034 (fixed, remotely exploitable) An "incorrect assumption" in the authvalidated validator function in ... installed: libisc7 1:9.3.0-1 (built from bind9 1:9.3.0-1) package is obsolete fixed in unstable: bind9 1:9.3.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.2 (source package) fixed on branch: bind9 1:9.2.4-1 (source package) fix is available for the selected suite (sid) CVE-2005-0034 (fixed, remotely exploitable) An "incorrect assumption" in the authvalidated validator function in ... installed: bind9 1:9.3.0-1 (built from bind9 1:9.3.0-1) fixed in unstable: bind9 1:9.3.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.2 (source package) fixed on branch: bind9 1:9.2.4-1 (source package) fix is available for the selected suite (sid) CVE-2005-0064 (fixed, remotely exploitable) Buffer overflow in the Decrypt::makeFileKey2 function installed: pdftohtml 0.36-10 (built from pdftohtml 0.36-10) fixed in unstable: pdftohtml 0.36-11 (source package) fix is available for the selected suite (sid) debsecan-0.4.16+nmu1/testsuite/005/exp.detail0000644000000000000000000000237111004700541015420 0ustar CVE-2005-0034 (fixed, remotely exploitable) An "incorrect assumption" in the authvalidated validator function in ... installed: libisc7 1:9.3.0-1 (built from bind9 1:9.3.0-1) package is obsolete fixed in unstable: bind9 1:9.3.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.2 (source package) fixed on branch: bind9 1:9.2.4-1 (source package) fix is available for the selected suite (sid) CVE-2005-0034 (fixed, remotely exploitable) An "incorrect assumption" in the authvalidated validator function in ... installed: bind9 1:9.3.0-1 (built from bind9 1:9.3.0-1) fixed in unstable: bind9 1:9.3.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.1 (source package) fixed on branch: bind9 1:9.2.1-2.woody.2 (source package) fixed on branch: bind9 1:9.2.4-1 (source package) fix is available for the selected suite (sid) CVE-2005-0064 (fixed, remotely exploitable) Buffer overflow in the Decrypt::makeFileKey2 function installed: pdftohtml 0.36-10 (built from pdftohtml 0.36-10) fixed in unstable: pdftohtml 0.36-11 (source package) fix is available for the selected suite (sid) debsecan-0.4.16+nmu1/testsuite/005/out.packages0000644000000000000000000000003011571677120015754 0ustar bind9 libisc7 pdftohtml debsecan-0.4.16+nmu1/testsuite/005/out.summary0000644000000000000000000000024611571677120015704 0ustar CVE-2005-0034 bind9 (fixed, remotely exploitable) CVE-2005-0034 libisc7 (fixed, remotely exploitable, obsolete) CVE-2005-0064 pdftohtml (fixed, remotely exploitable) debsecan-0.4.16+nmu1/testsuite/005/sid0000644000000000000000000000040311004700541014134 0ustar xmKo0>d[CJ q~4V;#Q} B/3vggwyB{DHт⃶y/yUivڂXKPXwѢR*Y>))%=pʸ"XM%79߮,k+ Hl֐1=:1;'L|¦Ѭ*:6S Q G.K6M "3<\kЁ3ܒ34Fe?Udebsecan-0.4.16+nmu1/testsuite/005/status0000644000000000000000000000312211004700541014701 0ustar Package: libisc7 Status: install ok installed Priority: standard Section: libs Installed-Size: 332 Maintainer: LaMont Jones Architecture: i386 Source: bind9 Version: 1:9.3.0-1 Replaces: libbind0 Depends: libc6 (>= 2.3.2.ds1-4) Conflicts: libbind0 Description: ISC Shared Library used by BIND The Berkeley Internet Name Domain (BIND) implements an Internet domain name server. BIND is the most widely-used name server software on the Internet, and is supported by the Internet Software Consortium, www.isc.org. . This package delivers the libisc shared library used by BIND's daemons and clients. Package: bind9 Status: install ok installed Priority: optional Section: net Installed-Size: 616 Maintainer: LaMont Jones Architecture: i386 Version: 1:9.3.0-1 Replaces: bind, dnsutils (<< 1:9.1.0-3) Depends: libbind9-0, libc6 (>= 2.3.5-1), libdns20, libisc9, libisccc0, libisccfg1, liblwres1, libssl0.9.8, netbase, adduser, libdns20 (= 1:9.3.1-2.0.1), libisccfg1 (= 1:9.3.1-2.0.1), libisc9 (= 1:9.3.1-2.0.1), libisccc0 (= 1:9.3.1-2.0.1) Suggests: dnsutils, bind9-doc Description: Internet Domain Name Server Package: pdftohtml Status: install ok installed Priority: optional Section: text Installed-Size: 696 Maintainer: Frederic Peters Architecture: i386 Version: 0.36-10 Depends: libc6 (>= 2.3.2.ds1-4), libgcc1 (>= 1:3.4.1-3), libstdc++5 (>= 1:3.3.4-1), gs Recommends: xpdf-common Filename: pool/main/p/pdftohtml/pdftohtml_0.36-11_i386.deb Size: 253142 MD5sum: 6db7eb4ac43616f355cf2ad8fc935865 Description: Translates pdf documents into html format debsecan-0.4.16+nmu1/testsuite/005/history0000644000000000000000000000012211004700541015054 0ustar VERSION 0 CVE-2005-0034,libisc7,F CVE-2005-0034,bind9,F CVE-2005-0064,pdftohtml,F debsecan-0.4.16+nmu1/testsuite/012/0000755000000000000000000000000011571677121013453 5ustar debsecan-0.4.16+nmu1/testsuite/012/exp.summary0000644000000000000000000000345611004700541015656 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/012/out.bugs0000644000000000000000000000025011571677121015141 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/012/out.report0000644000000000000000000000472011571677121015522 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/012/exp.packages0000644000000000000000000000004311004700541015724 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/012/exp.bugs0000644000000000000000000000025011004700541015106 0ustar CVE-2005-3184 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3245 CVE-2005-3246 CVE-2005-3247 CVE-2005-3248 CVE-2005-3249 CVE-2005-3313 CVE-2005-3651 debsecan-0.4.16+nmu1/testsuite/012/exp.report0000644000000000000000000000472011344746144015507 0ustar Security report based on the sid release *** New security updates CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3248 Unspecified vulnerability in the X11 dissector in... - ethereal, ethereal-common (remotely exploitable, medium urgency) CVE-2005-3249 Unspecified vulnerability in the WSP dissector in... - ethereal, ethereal-common (remotely exploitable, medium urgency) *** Vulnerabilities without updates CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) CVE-2005-3651 Stack-based buffer overflow in the... - ethereal, ethereal-common, tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/012/out.detail0000644000000000000000000001730211571677121015451 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10_12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10_12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/012/exp.detail0000644000000000000000000001730211004700541015416 0ustar CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3184 (fixed, remotely exploitable, medium urgency) Buffer overflow vulnerability in the unicode_to_bytes in the Service ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3241 (fixed, remotely exploitable, medium urgency) Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3242 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3243 (fixed, remotely exploitable, medium urgency) Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3244 (fixed, remotely exploitable, medium urgency) The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3245 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3246 (fixed, remotely exploitable, medium urgency) Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3247 (fixed, remotely exploitable, medium urgency) The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3248 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3249 (fixed, remotely exploitable, medium urgency) Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed in unstable: ethereal 0.10.13-1 (source package) fix is available for the selected suite (sid) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: ethereal-common 0.10.12-6 (built from ethereal 0.10.12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) CVE-2005-3313 (remotely exploitable, medium urgency) The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers ... installed: tethereal 0.10.12-6 (built from ethereal 0.10_12-6) CVE-2005-3651 (remotely exploitable, medium urgency) Stack-based buffer overflow in the dissect_ospf_v3_address_prefix ... installed: tethereal 0.10.12-6 (built from ethereal 0.10_12-6) fixed on branch: ethereal 0.10.10-2sarge4 (source package) debsecan-0.4.16+nmu1/testsuite/012/out.packages0000644000000000000000000000004311571677121015757 0ustar ethereal ethereal-common tethereal debsecan-0.4.16+nmu1/testsuite/012/out.summary0000644000000000000000000000345611571677121015711 0ustar CVE-2005-3184 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3184 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3241 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3242 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3243 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3244 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3245 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3246 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3247 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3248 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal (fixed, remotely exploitable, medium urgency) CVE-2005-3249 ethereal-common (fixed, remotely exploitable, medium urgency) CVE-2005-3313 ethereal (remotely exploitable, medium urgency) CVE-2005-3313 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3313 tethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal (remotely exploitable, medium urgency) CVE-2005-3651 ethereal-common (remotely exploitable, medium urgency) CVE-2005-3651 tethereal (remotely exploitable, medium urgency) debsecan-0.4.16+nmu1/testsuite/012/sid0000644000000000000000000000356011004700541014141 0ustar x͙[s8)֒|}I ƀ M_ن Hr(CGnGʧm4&4!D=C0.6AH*{*@AyOr9 qJhxE+n /Ӻ1F]#j9dW:Єh;F0%tJf쬖qCc؅- õn㲛T} y}+iğB<6-nh}nYk7a83t\K|DWzLF@~LR4dXo#GTWM>6cB}ݎ; n!De +]&nBv%RɕTT N`Ӽc7S0R;cPS]|K[ ٫tS*VP{`!Hz lCɓl╏-C8y)|c]S.֗Tqp%qpw{Uxn))nx6O?;koؚǗsU'o v4]pENiHm:ɚl%?ij|v|B,Plq7́Xl U43p>koMmht_Q/C /o򷬊JOWhkIQH6iIX-y&խLXaFí`47`-0=/ forxY ANE*f.7v\;+y ln)lnUsA@Q;ߑIKƗ3aGTۗ"$Q 5z\7-I# t$TAn4bSFg"zRȵ:7-/kTxvPn! aЭ vl܏]fG^M_(YA~j:"Rtqۇdy_n`4#lBJpo9V,Y$d~xn^bEݾ$ O1}P :BuwR$dӼv AZgJ]^d)ٱ颋*fVG<E򭆾yy4ܾ3?RS͟7CN /bhqElp%+y\߫{^%3{C'{uB2 W_ItJQ* D!>aS5 TBOZӣtU`pWVgrMH="h̀e1'ȑ\L!r̸8 &$7aɒlt\7a 94y拶Z,S†x +l`+|IFߕ5\-u5lS[jk m hkhcjkcjӘ^he%ytK(dlh*>utKttGǵtٖ|x /6aRlQm? e+v?Go== 2.2.4-4), libglib1.2 (>= 1.2.0), libgtk1.2 (>= 1.2.10-4), xlibs (>= 4.1.0) Description: NeroLINUX CD/DVD Burning Software Copyright: Nero AG NeroLINUX uses Nero 6.6's embedded API to bring Nero's powerful CD/DVD-writer functions to the Linux Desktop. Package: ethereal Status: install ok installed Priority: optional Section: net Installed-Size: 1264 Maintainer: Frederic Peters Architecture: i386 Version: 0.10.12-6 Depends: libadns1, libatk1.0-0 (>= 1.9.0), libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libgtk2.0-0 (>= 2.6.0), libkrb53 (>= 1.3.2), libpango1.0-0 (>= 1.8.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Recommends: gksu Description: network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides ethereal (the GTK+ version) Package: ethereal-common Status: install ok installed Priority: optional Section: net Installed-Size: 20320 Maintainer: Frederic Peters Architecture: i386 Source: ethereal Version: 0.10.12-6 Depends: libc6 (>= 2.3.5-1), libcap1, libglib2.0-0 (>= 2.8.0), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1) Recommends: ethereal (>= 0.9.1-3) | tethereal (>= 0.9.1-3) Conflicts: ethereal (<< 0.9.1-3), tethereal (<< 0.9.1-3) Description: network traffic analyser (common files) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides files common to both ethereal (the GTK+ version) and tethereal (the console version). Package: tethereal Status: install ok installed Priority: optional Section: net Installed-Size: 240 Maintainer: Frederic Peters Architecture: i386 Source: ethereal (0.10_12-6) Version: 0.10.12-6 Depends: libadns1, libc6 (>= 2.3.5-1), libcap1, libcomerr2 (>= 1.33-3), libglib2.0-0 (>= 2.8.0), libkrb53 (>= 1.3.2), libpcap0.8 (>= 0.9.3-1), libpcre3 (>= 4.5), zlib1g (>= 1:1.2.1), ethereal-common (= 0.10.12-6) Description: network traffic analyzer (console) Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Ethereal decodes numerous protocols (too many to list). . This package provides the console version of ethereal, named "tethereal". Package: amsn Status: install ok installed Priority: optional Section: x11 Installed-Size: 6908 Maintainer: Bruno Gonçalves Architecture: i386 Version: 0_95B-1 Description: AMSN é um clone do MSN Messenger para Linux Package: j2sdk Status: install ok installed Priority: extra Section: alien Installed-Size: 68560 Maintainer: root Version: 1.4.2_04-1 Depends: libasound2 (>> 0.9.3), libc6 (>= 2.3.2.ds1-4), libgcc1 (>= 1:3.3.2-1), xlibs (>> 4.1.0) Description: Java(TM) 2 Software Development Kit, Standard Edition debsecan-0.4.16+nmu1/testsuite/012/history0000644000000000000000000000026011004700541015055 0ustar VERSION 0 CVE-2005-3651,ethereal, CVE-2005-3313,ethereal, CVE-2005-3651,tethereal, CVE-2005-3313,tethereal, CVE-2005-3651,ethereal-common, CVE-2005-3313,ethereal-common,