Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 5894 5895 5896 5897 5898 5899 5900 5901 5902 5903 5904 ... 5959 ) Next »

Debian alert: New BitchX packages fix DoS and arbitrary code execution

  • Mailing list (Posted by dave on May 19, 2003 4:38 AM EDT)
  • Story Type: Security; Groups: Debian
Timo Sirainen discovered several problems in BitchX, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer boundaries or allocate a negative amount of memory. This could lead to a denial of service if the client only crashes, but may also lead to executing of arbitrary code under the user id of the chatting user.

Red Hat alert: Updated lv packages fix vulnerability

  • Mailing list (Posted by dave on May 16, 2003 2:14 AM EDT)
  • Story Type: Security; Groups: Red Hat
New lv packages that fix the possibility of local root exploit are now available.

Debian alert: New sendmail packages fix insecure temporary file creation

  • Mailing list (Posted by dave on May 15, 2003 4:21 PM EDT)
  • Story Type: Security; Groups: Debian
Paul Szabo discovered bugs in three scripts included in the sendmail package where temporary files were created insecurely (expn, checksendmail and doublebounce.pl). These bugs could allow an attacker to gain the privileges of a user invoking the script (including root).

Debian alert: New mysql packages fix multiple vulnerabilities

  • Mailing list (Posted by dave on May 15, 2003 4:13 PM EDT)
  • Story Type: Security; Groups: Debian
CAN-2003-0073: The mysql package contains a bug whereby dynamically allocated memory is freed more than once, which could be deliberately triggered by an attacker to cause a crash, resulting in a denial of service condition. In order to exploit this vulnerability, a valid username and password combination for access to the MySQL server is required.

Debian alert: New lv packages fix local privilege escalation

  • Mailing list (Posted by dave on May 15, 2003 4:02 PM EDT)
  • Story Type: Security; Groups: Debian
Leonard Stiles discovered that lv, a multilingual file viewer, would read options from a configuration file in the current directory. Because such a file could be placed there by a malicious user, and lv configuration options can be used to execute commands, this represented a security vulnerability. An attacker could gain the privileges of the user invoking lv, including root.

Mandrake alert: Updated cdrecord packages fix local root compromise

A vulnerability in cdrecord was discovered that can be used to obtain root access because Mandrake Linux ships with the cdrecord binary suid root and sgid cdwriter.

Red Hat alert: Updated tcpdump packages fix privilege dropping error

  • Mailing list (Posted by dave on May 15, 2003 12:03 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated tcpdump packages that correctly drop privileges on startup are now available.

Mandrake alert: Updated MySQL packages fix vulnerability

In MySQL 3.23.55 and earlier, MySQL would create world-writeable files and allow mysql users to gain root privileges by using the "SELECT * INTO OUTFILE" operator to overwrite a configuration file, which could cause mysql to run as root upon restarting the daemon.

Mandrake alert: Updated xinetd packages fix DoS vulnerability

A vulnerability was discovered in xinetd where memory was allocated and never freed if a connection was refused for any reason. Because of this bug, an attacker could crash the xinetd server, making unavailable all of the services it controls. Other flaws were also discovered that could cause incorrect operation in certain strange configurations.

Red Hat alert: Updated 2.4 kernel fixes security vulnerabilities and various bugs

  • Mailing list (Posted by dave on May 14, 2003 10:51 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated kernel packages that fix a remote denial of service vulnerability in the TCP/IP stack, and a local privilege vulnerability, are now available.

Red Hat alert: Updated xinetd packages fix a denial-of-service attack and other bugs

  • Mailing list (Posted by dave on May 13, 2003 9:15 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated xinetd packages that fix a security vulnerability are now avaliable.

Red Hat alert: Updated KDE packages fix security issues

  • Mailing list (Posted by dave on May 13, 2003 7:01 AM EDT)
  • Story Type: Security; Groups: Red Hat
This erratum provides updated KDE packages to resolve two security issues.

Red Hat alert: Updated KDE packages fix security issues

  • Mailing list (Posted by dave on May 13, 2003 7:01 AM EDT)
  • Story Type: Security; Groups: Red Hat
This erratum provides updated KDE packages to resolve two security issues.

Red Hat alert: Updated KDE packages fix security issues

  • Mailing list (Posted by dave on May 13, 2003 7:01 AM EDT)
  • Story Type: Security; Groups: Red Hat
This erratum provides updated KDE packages to resolve two security issues.

Mandrake alert: Updated kopete packages fix vulnerability with GnuPG plugin

A vulnerability was discovered in versions of kopete, a KDE instant messenger client, prior to 0.6.2. This vulnerabiliy is in the GnuPG plugin that allows for users to send each other GPG-encrypted instant messages. The plugin passes encrypted messages to gpg, but does no checking to sanitize the commandline passed to gpg. This can allow remote users to execute arbitrary code, with the permissions of the user running kopete, on the local system.

Mandrake alert: Updated mgetty packages fix vulnerabilities

Two vulnerabilities were discovered in mgetty versions prior to 1.1.29. An internal buffer could be overflowed if the caller name reported by the modem, via Caller ID information, was too long. As well, the faxspool script that comes with mgetty used a simple permissions scheme to allow or deny fax transmission privileges. Because the spooling directory used for outgoing faxes was world-writeable, this scheme was easily circumvented. Update: The installation of mgetty-sendfax on Mandrake Linux 8.2 relied on macros that are not existant, which would result in fresh installs of mgetty-sendfax being unable to work. Updated packages for 8.2 correct this.

Debian alert: New fuzz packages fix buffer overflow

  • Mailing list (Posted by dave on May 7, 2003 7:32 AM EDT)
  • Story Type: Security; Groups: Debian
Joey Hess discovered that fuzz, a software stress-testing tool, creates a temporary file without taking appropriate security precautions. This bug could allow an attacker to gain the privileges of the user invoking fuzz, excluding root (fuzz does not allow itself to be invoked as root).

Debian alert: New libgtop packages fix buffer overflow

  • Mailing list (Posted by dave on May 7, 2003 7:27 AM EDT)
  • Story Type: Security; Groups: Debian
The gtop daemon, used for monitoring remote machines, contains a buffer overflow which could be used by an attacker to execute arbitrary code with the privileges of the daemon process. If started as root, the daemon process drops root privileges, assuming uid and gid 99 by default.

Mandrake alert: Updated man packages fix vulnerability

A difficult to exploit vulnerability was discovered in versions of man prior to 1.5l. A bug exists in man that could cause a program named "unsafe" to be executed due to a malformed man file. In order to exploit this bug, a local attacker would have to be able to get another user to read the malformed man file, and the attacker would also have to create a file called "unsafe" that would be located somewhere in the victim's path.

Mandrake alert: Updated mgetty packages fix vulnerabilities

Two vulnerabilities were discovered in mgetty versions prior to 1.1.29. An internal buffer could be overflowed if the caller name reported by the modem, via Caller ID information, was too long. As well, the faxspool script that comes with mgetty used a simple permissions scheme to allow or deny fax transmission privileges. Because the spooling directory used for outgoing faxes was world-writeable, this scheme was easily circumvented.

« Previous ( 1 ... 5894 5895 5896 5897 5898 5899 5900 5901 5902 5903 5904 ... 5959 ) Next »