Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 5801 5802 5803 5804 5805 5806 5807 5808 5809 5810 5811 ... 5813 ) Next »

Debian alert: New version of elvis-tiny released

  • Mailing list (Posted by dave on Nov 22, 2000 11:53 AM EDT)
  • Story Type: Security; Groups: Debian
Topi Miettinen audited elvis-tiny and raised an issue covering the use and creation of temporary files. Those files are created with a predictable pattern and O_EXCL flag is not used when opening. This makes users of elvis-tiny vulnerable to race conditions and/or data lossage.

Debian alert: New Debian xmcd packages released

  • Mailing list (Posted by dave on Nov 22, 2000 8:31 AM EDT)
  • Story Type: Security; Groups: Debian
The Debian GNU/Linux xmcd package has historically installed two setuid helpers for accessing cddb databases and SCSI cdrom drives. More recently, the package offered the administrator the chance to remove these setuid flags, but did so incorrectly.

Debian alert: New Debian ncurses packages released

  • Mailing list (Posted by dave on Nov 22, 2000 7:43 AM EDT)
  • Story Type: Security; Groups: Debian
The version of the ncurses display library shipped with Debian GNU/Linux 2.2 is vulnerable to several buffer overflows in the parsing of terminfo database files. This problem was discovered by Jouko Pynnönen <jouko@solutions.fi>. The problems are only exploitable in the presence of setuid binaries linked to ncurses which use these particular functions, including xmcd versions before 2.5pl1-7.1.

Debian alert: New version of ethereal released

  • Mailing list (Posted by dave on Nov 21, 2000 5:38 PM EDT)
  • Story Type: Security; Groups: Debian
hacksware reported a buffer overflow in the AFS packet parsing code in ethereal. Gerald Combs then found more overflows in the netbios and ntp decoding logic as well. An attacker can exploit those overflows by sending carefully crafted packets to a network that is being monitored by ethereal.

Debian alert: New version of joe released

  • Mailing list (Posted by dave on Nov 21, 2000 3:57 PM EDT)
  • Story Type: Security; Groups: Debian
When joe (Joe's Own Editor) dies due to a signal instead of a normal exit it saves a list of the files it is editing to a file called `DEADJOE' in its current directory. Unfortunately this wasn't done safely which made joe vulnerable to a symlink attack.

Red Hat alert: Updated openssh packages available for Red Hat Linux 7

  • Mailing list (Posted by dave on Nov 21, 2000 12:39 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated openssh packages are now available for Red Hat Linux 7.

Red Hat alert: Updated joe packages are available for Red Hat Linux 5.2, 6.x and 7

  • Mailing list (Posted by dave on Nov 20, 2000 6:21 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated joe packages are available for Red Hat Linux 5.2, 6.x and 7.

Debian alert: New version of tcpdump released

  • Mailing list (Posted by dave on Nov 20, 2000 6:14 AM EDT)
  • Story Type: Security; Groups: Debian
During internal source code auditing by FreeBSD several buffer overflows were found which allow an attacker to make tcpdump crash by sending carefully crafted packets to a network that is being monitored with tcpdump.

Debian alert: New version of modutils released

  • Mailing list (Posted by dave on Nov 20, 2000 6:03 AM EDT)
  • Story Type: Security; Groups: Debian
Sebastian Krahmer found a problem in the modprobe utility that could be exploited by local users to run arbitrary commands as root if the machine is running a kernel with kmod enabled.

Debian alert: New version of cupsys released

  • Mailing list (Posted by dave on Nov 19, 2000 7:29 AM EDT)
  • Story Type: Security; Groups: Debian
Mandrake has recently released a security advisory against CUPS raising two issues:

Debian alert: New Debian cron packages released

  • Mailing list (Posted by dave on Nov 17, 2000 6:33 PM EDT)
  • Story Type: Security; Groups: Debian
The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to a local attack, discovered by Michal Zalewski. Several problems, including insecure permissions on temporary files and race conditions in their deletion, allowed attacks from a denial of service (preventing the editing of crontabs) to an escalation of priviledge (when another user edited their crontab).

Debian alert: New version of openssh released

  • Mailing list (Posted by dave on Nov 17, 2000 6:30 PM EDT)
  • Story Type: Security; Groups: Debian
The adv.fwd security advisory from OpenBSD reported a problem with openssh that Jacob Langseth <jwl@pobox.com> found: when the connection is established the remote ssh server can force the ssh client to enable agent and X11 forwarding.

Red Hat alert: Updated modutils fixing local root security bug available

  • Mailing list (Posted by dave on Nov 17, 2000 1:47 PM EDT)
  • Story Type: Security; Groups: Red Hat
A local root exploit in modutils has been fixed. 2000-11-17: New packages available for Red Hat Linux 6.2 to fix an error in the previous packages.

Red Hat alert: New Netscape packages available

  • Mailing list (Posted by dave on Nov 17, 2000 1:46 PM EDT)
  • Story Type: Security; Groups: Red Hat
New Netscape packages are available that fix a buffer overflow in parsing HTML. It is recommended that all Netscape users update to the fixed packages.

SuSE alert: tcpdump

  • Mailing list (Posted by dave on Nov 17, 2000 6:39 AM EDT)
  • Story Type: Security; Groups: SUSE
tcpdump is a widespread network/packet analysis tool, also known as a packet sniffer, used in unix/unix-like environment. Several overflowable buffers have been found in SuSE's version of tcpdump that could allow a remote attacker to crash the local tcpdump process. Since tcpdump may be used in combination with intrusion detection systems, a crashed tcpdump process may disable the network monitoring system as a whole. The FreeBSD team who found these vulnerabilities also reported that tcpdump's portion of code that can decode AFS ACL (AFS=Andrew File System, a network filesystem, ACL=Access Control List) packets is vulnerable to a (remotely exploitable) buffer overrun attack that could allow a remote attacker to execute arbitrary commands as root since the tcpdump program usually requires root privileges to gain access to the raw network socket. The versions of tcpdump as shipped with SuSE distributions do not contain the AFS packet decoding capability and are therefore not vulnerable to this second form of attack.

Red Hat alert: Updated modutils fixing local root security bug available

  • Mailing list (Posted by dave on Nov 16, 2000 8:31 AM EDT)
  • Story Type: Security; Groups: Red Hat
A local root exploit in modutils has been fixed.

SuSE alert: bind8

  • Mailing list (Posted by dave on Nov 16, 2000 6:29 AM EDT)
  • Story Type: Security; Groups: SUSE
BIND, the Berkeley Internet Name Daemon, versions before 8.2.2p7, has been found vulnerable to two denial of service attacks: named may crash after a compressed zone transfer request (ZXFR) and if an SRV record (defined in RFC2782) is sent to the server. Administrators testing the ZXFR bug should be aware that it can take several seconds after the triggering the bug until the nameserver daemon crashes. SuSE versions 6.0 through 6.4 are affected by these two problems. The bind8 package in SuSE-7.0 is not affected because a different version of bind8 (8.2.3) was used in this distribution. By the release time of the SuSE-7.0 distribution our engineers have determined that the problems we had with stalling zone transfers under some obscure conditions were not present with the 8.2.3 release of the package.

SuSE alert: SuSE: miscellaneous

  • Mailing list (Posted by dave on Nov 15, 2000 5:36 AM EDT)
  • Story Type: Security; Groups: SUSE
This notice addresses the latest security advisories from various Linux vendors as well as private contributors on public security forums. The issues have been collected to keep the noise on the public security forums at a reduced level.

SuSE alert: modules

  • Mailing list (Posted by dave on Nov 13, 2000 12:09 AM EDT)
  • Story Type: Security; Groups: SUSE
The modules package is responsible for on-demand loading of kernel modules/drivers. The /sbin/modprobe command, when executed as a new task by the kernel-internal function request_module(), runs with the priviledges of the init process, usually root. Newer versions of the modprobe program contain a bug which allows local users to gain root priviledges. modprobe expands given arguments via /bin/echo and can easily be tricked into executing commands. In order for this bug to be exploitable, a setuid root program must be installed that can trigger the loading of modules (such as ping6).

Debian alert: New version of Debian bind packages released

  • Mailing list (Posted by dave on Nov 11, 2000 11:25 PM EDT)
  • Story Type: Security; Groups: Debian
The version of BIND shipped with Debian GNU/Linux 2.2 is vulnerable to a remote denial of service attack, which can cause the nameserver to crash after accessing an uninitialized pointer. This problem is fixed in the current maintenance release of BIND, 8.2.2P7, and in the Debian package version 8.2.2p7-1 for both stable and unstable releases.

« Previous ( 1 ... 5801 5802 5803 5804 5805 5806 5807 5808 5809 5810 5811 ... 5813 ) Next »