Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 5778 5779 5780 5781 5782 5783 5784 5785 5786 5787 5788 ... 5842 ) Next »

Debian alert: New mime-support packages really fix temporary file race conditions

  • Mailing list (Posted by dave on Apr 30, 2003 7:44 AM EDT)
  • Story Type: Security; Groups: Debian
I am awfully and sincerely sorry. Apparently, I wasn't able to assign enough time to this issue and produced insufficiently tested updates. I'll do my best not to repeat this.

Debian alert: New kdebase packages fix arbitrary command execution

  • Mailing list (Posted by dave on Apr 30, 2003 3:02 AM EDT)
  • Story Type: Security; Groups: Debian
The KDE team discoverd a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files. An attacker could provide a malicious PostScript or PDF file via mail or websites that could lead to executing arbitrary commands under the privileges of the user viewing the file or when the browser generates a directory listing with thumbnails.

Debian alert: New pptpd packages fix remote root exploit

  • Mailing list (Posted by dave on Apr 29, 2003 11:43 PM EDT)
  • Story Type: Security; Groups: Debian
Timo Sirainen discovered a vulnerability in pptpd, a Point to Point Tunneling Server, which implements PPTP-over-IPSEC and is commonly used to create Virtual Private Networks (VPN). By specifying a small packet length an attacker is able to overflow a buffer and execute code under the user id that runs pptpd, probably root. An exploit for this problem is already circulating.

Red Hat alert: Updated MySQL packages fix vulnerabilities

  • Mailing list (Posted by dave on Apr 29, 2003 10:59 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated MySQL server packages fix both a double-free security vulnerability and a root exploit security vulnerability.

Red Hat alert: Updated zlib packages fix gzprintf buffer overflow vulnerability

  • Mailing list (Posted by dave on Apr 29, 2003 12:14 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated zlib packages are now available which fix a buffer overflow vulnerability.

Mandrake alert: Updated snort packages fix remote vulnerability

An integer overflow was discovered in the Snort stream4 preprocessor by the Sourcefire Vulnerability Research Team. This preprocessor (spp_stream4) incorrectly calculates segment size parameters during stream reassembly for certainm sequence number ranges. This can lead to an integer overflow that can in turn lead to a heap overflow that can be exploited to perform a denial of service (DoS) or even remote command excution on the host running Snort.

Mandrake alert: Updated pam packages fix root authorization handling in pam_xauth module

Andreas Beck discovered that the pam_xauth module would forward authorization information from the root account to unprivileged users. This can be exploited by a local attacker to gain access to the root user's X session. In order for it to be successfully exploited, the attacker would have to somehow get the root user to su to the account belonging to the attacker. Update: The previous fix was incorrect because certain applications, such as userdrake and net_monitor could not be executed as root, although they could be executed as users who successfully authenticated as root.

Mandrake alert: Updated ethereal packages fix remote vulnerability

A vulnerability was discovered in Ethereal 0.9.9 and earlier that allows a remote attacker to use specially crafted SOCKS packets to cause a denial of service (DoS) and possibly execute arbitrary code.

Red Hat alert: Updated mICQ packages fix vulnerability

  • Mailing list (Posted by dave on Apr 24, 2003 1:03 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated mICQ packages are available for Red Hat Linux versions 7.2 and 7.3 that fix a remote crash.

Red Hat alert: Updated LPRng packages fix psbanner vulnerability

  • Mailing list (Posted by dave on Apr 24, 2003 12:58 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated LPRng packages resolving a temporary file vulnerability are now available.

Red Hat alert: Updated squirrelmail packages fix cross-site scripting vulnerabilities

  • Mailing list (Posted by dave on Apr 24, 2003 12:38 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated SquirrelMail packages are now available for Red Hat Linux.

Mandrake alert: Updated kde3 packages fix arbitrary command execution

A vulnerability was discovered by the KDE team in the way that KDE uses Ghostscript for processing PostScript and PDF files. A malicious attacker could provide a carefully constructed PDF or PostScript file to an end user (via web or mail) that could lead to the execution of arbitrary commands as the user viewing the file. The vulnerability can be triggered even by the browser generating a directory listing with thumbnails.

SuSE alert: KDE

  • Mailing list (Posted by dave on Apr 24, 2003 2:42 AM EDT)
  • Story Type: Security; Groups: SUSE
The K Desktop Environment KDE allows to generate postscript previews which can be viewed via certain konqueror plug-ins for example. The previews are generated by invoking the ghostscript program but without supplying the "-dSAFER" option as an argument. This allows embedded code to be executed. Additionally to the correction made to the postscript generation process, various other security related bug fixes and patches from KDE 3.0.5a have been incorporated. For more information regarding these fixes please visit the URLs given as cross references.

Red Hat alert: Updated ethereal packages fix security vulnerabilities

  • Mailing list (Posted by dave on Apr 23, 2003 12:22 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated ethereal packages are now available which fix a format string bug and a heap-based buffer overflow.

Debian alert: New gkrellm-newsticker packages fix DoS and arbitrary command execution

  • Mailing list (Posted by dave on Apr 23, 2003 8:00 AM EDT)
  • Story Type: Security; Groups: Debian
Brian Campbell discovered two security-related problems in gkrellm-newsticker, a plugin for the gkrellm system monitor program, which provides a news ticker from RDF feeds. The Common Vulnerabilities and Exposures project identifies the following problems:

Red Hat alert: Updated tcpdump packages fix various vulnerabilities

  • Mailing list (Posted by dave on Apr 23, 2003 6:56 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated tcpdump, libpcap, and arpwatch packages are available, fixing a number of vulnerabilities that could be used to cause a denial of service attack, or possibly execute arbitrary code.

Debian alert: New kdelibs packages fix arbitrary command execution

  • Mailing list (Posted by dave on Apr 23, 2003 6:13 AM EDT)
  • Story Type: Security; Groups: Debian
The KDE team discoverd a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files. An attacker could provide a malicious PostScript or PDF file via mail or websites that could lead to executing arbitrary commands under the privileges of the user viewing the file or when the browser generates a directory listing with thumbnails.

Debian alert: New mime-support packages fix temporary file race conditions

  • Mailing list (Posted by dave on Apr 23, 2003 5:48 AM EDT)
  • Story Type: Security; Groups: Debian
Unfortunately yesterday's update for mime-support did not exactly work as expected, which requires an update. For completeness we include the advisory text:

Mandrake alert: Updated apache packages fix denial of service vulnerabilities

A memory leak was discovered in Apache 2.0 through 2.0.44 that can allow a remote attacker to cause a significant denial of service (DoS) by sending requests containing a lot of linefeed characters to the server.

Debian alert: New mime-support packages fix temporary file race conditions

  • Mailing list (Posted by dave on Apr 22, 2003 6:24 AM EDT)
  • Story Type: Security; Groups: Debian
Colin Phipps discovered several problems in mime-support, that contains support programs for the MIME control files 'mime.types' and 'mailcap'. When a temporary file is to be used it is created insecurely, allowing an attacker to overwrite arbitrary under the user id of the person executing run-mailcap, most probably root. Additionally the program did not properly escape shell escape characters when executing a command. This is unlikely to be exploitable, though.

« Previous ( 1 ... 5778 5779 5780 5781 5782 5783 5784 5785 5786 5787 5788 ... 5842 ) Next »