Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 6461 6462 6463 6464 6465 6466 6467 6468 6469 6470 6471 ... 6502 ) Next »

Mandrake alert: bind update

A vulnerability was discovered in the BIND9 DNS server in versions prior to 9.2.1.

Mandrake alert: sharutils update

The uudecode utility creates output files without checking to see if it is about to write to a symlink or pipe. This could be exploited by a local attacker to overwrite files or lead to privilege escalation if users decode data into share directories, such as /tmp. This update fixes this vulnerability by checking to see if the destination output file is a symlink or pipe.

Mandrake alert: xchat update

In versions of the xchat IRC client prior to version 1.8.9, xchat does not filter the response from an IRC server when a /dns query is executed. xchat resolves hostnames by passing the configured resolver and hostname to a shell, so an IRC server may return a malicious response formatted so that arbitrary commands are executed with the privilege of the user running xchat.

Debian alert: New mantis package fixes cross site code execution

  • Mailing list (Posted by dave on Aug 14, 2002 5:33 AM EDT)
  • Story Type: Security; Groups: Debian
Joao Gouveia discovered an uninitialized variable which was insecurely used with file inclusions in the mantis package, a php based bug tracking system. The Debian Security Team found even more similar problems. When these occasions are exploited, a remote user is able to execute arbitrary code under the webserver user id on the web server hosting the mantis system.

Mandrake alert: libpng update

A buffer overflow was found in the in the progressive reader of the PNG library when the PNG datastream contains more IDAT data than indicated by the IHDR chunk. These deliberately malformed datastreams would crash applications thus potentially allowing an attacker to execute malicious code. Many programs make use of the PNG libraries, including web browsers. This overflow is corrected in versions 1.0.14 and 1.2.4 of the PNG library. In order to have the system utilize the upgraded packages after the upgrade, you must restart all running applications that are linked to libpng. You can obtain this list by executing "lsof|grep libpng" or "fuser -v /usr/lib/libpng.so".

Mandrake alert: glibc update

A buffer overflow vulnerability was found in the way that the glibc resolver handles the resolution of network names and addresses via DNS in glibc versions 2.2.5 and earlier. Only systems using the "dns" entry in the "networks" database in /etc/nsswitch.conf are vulnerable to this issue. By default, Mandrake Linux has this database set to "files" and is not vulnerable. Likewise, a similar bug is in the glibc-compat packages which provide compatability for programs compiled against 2.0.x versions of glibc.

Debian alert: New l2tpd packages adds better randomization

  • Mailing list (Posted by dave on Aug 13, 2002 11:16 AM EDT)
  • Story Type: Security; Groups: Debian
Current versions of l2tpd, a layer 2 tunneling client/server program, forgot to initialize the random generator which made it vulnerable since all generated random number were 100% guessable. When dealing with the size of the value in an attribute value pair, too many bytes were able to be copied, which could lead into the vendor field being overwritten.

Debian alert: New xinetd packages fix local denial of service

  • Mailing list (Posted by dave on Aug 13, 2002 10:38 AM EDT)
  • Story Type: Security; Groups: Debian
Solar Designer found a vulnerability in xinetd, a replacement for the BSD derived inetd. File descriptors for the signal pipe introduced in version 2.3.4 are leaked into services started from xinetd. The descriptors could be used to talk to xinetd resulting in crashing it entirely. This is usually called a denial of service.

Debian alert: New interchange packages fix illegal file exposition

  • Mailing list (Posted by dave on Aug 13, 2002 8:32 AM EDT)
  • Story Type: Security; Groups: Debian
A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in "INET mode" (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.

Debian alert: New glibc packages fix security related problems

  • Mailing list (Posted by dave on Aug 13, 2002 12:21 AM EDT)
  • Story Type: Security; Groups: Debian
An integer overflow bug has been discovered in the RPC library used by GNU libc, which is derived from the SunRPC library. This bug could be exploited to gain unauthorized root access to software linking to this code. The packages below also fix integer overflows in the malloc code. They also contain a fix from Andreas Schwab to reduce linebuflen in parallel to bumping up the buffer pointer in the NSS DNS code.

Red Hat alert: Updated glibc packages fix vulnerabilities in RPC XDR decoder

  • Mailing list (Posted by dave on Aug 12, 2002 9:11 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated glibc packages are available to fix a buffer overflow in the XDR decoder.

Red Hat alert: Updated Tcl/Tk packages fix local vulnerability

  • Mailing list (Posted by dave on Aug 12, 2002 11:39 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated Tcl/Tk packages for Red Hat Linux 7 and 7.1 fix two local vulnerabilities.

SuSE alert: i4l

  • Mailing list (Posted by dave on Aug 12, 2002 2:22 AM EDT)
  • Story Type: Security; Groups: SUSE
The i4l package contains several programs for ISDN maintenance and connectivity on Linux. The ipppd program which is part of the package contained various buffer overflows and format string bugs. Since ipppd is installed setuid to root and executable by users of group 'dialout' this may allow attackers with appropriate group membership to execute arbitrary commands as root. The i4l package is installed by default and also vulnerable if you do not have a ISDN setup. The buffer overflows and format string bugs have been fixed. We strongly recommend an update of the i4l package. If you do not consider updating the package it is also possible to remove the setuid bit from /usr/sbin/ipppd as a temporary workaround. The SuSE Security Team is aware of a published exploit for ipppd that gives a local attacker root privileges so you should either update the package or remove the setuid bit from ipppd.

Debian alert: New hylafax packages fix security related problems

  • Mailing list (Posted by dave on Aug 11, 2002 11:53 PM EDT)
  • Story Type: Security; Groups: Debian
A set of problems have been discovered in Hylafax, a flexible client/server fax software distributed with many GNU/Linux distributions. Quoting SecurityFocus the problems are in detail:

Red Hat alert: Updated bind packages fix buffer overflow in resolver library

  • Mailing list (Posted by dave on Aug 9, 2002 8:24 AM EDT)
  • Story Type: Security; Groups: Red Hat
Various versions of the ISC BIND resolver libraries are vulnerable to a buffer overflow attack. Updated BIND packages are now available to fix this issue.

Debian alert: New mailman packages fix cross-site scripting problem

  • Mailing list (Posted by dave on Aug 8, 2002 11:15 PM EDT)
  • Story Type: Security; Groups: Debian
A cross-site scripting vulnerability was discovered in mailman, a software to manage electronic mailing lists. When a properly crafted URL is accessed with Internet Explorer (other browsers don't seem to be affected), the resulting webpage is rendered similar to the real one, but the javascript component is executed as well, which could be used by an attacker to get access to sensitive information. The new version for Debian 2.2 also includes backports of security related patches from mailman 2.0.11.

Debian alert: New dietlibc packages fix integer overflows

  • Mailing list (Posted by dave on Aug 8, 2002 11:08 AM EDT)
  • Story Type: Security; Groups: Debian
The upstream author of dietlibc, Felix von Leitner, discovered a potential division by zero chance in the fwrite and calloc integer overflow checks, which are fixed in the version below.

Debian alert: New dietlibc packages fix integer overflows

  • Mailing list (Posted by dave on Aug 8, 2002 1:46 AM EDT)
  • Story Type: Security; Groups: Debian
An integer overflow bug has been discovered in the RPC library used by dietlibc, a libc optimized for small size, which is derived from the SunRPC library. This bug could be exploited to gain unauthorized root access to software linking to this code. The packages below also fix integer overflows in the calloc, fread and fwrite code. They are also more strict regarding hostile DNS packets that could lead to a vulnerability otherwise.

Debian alert: New tinyproxy packages fix security vulnerability

  • Mailing list (Posted by dave on Aug 7, 2002 9:54 AM EDT)
  • Story Type: Security; Groups: Debian
The authors of tinyproxy, a lightweight HTTP proxy, discovered a bug in the handling of some invalid proxy requests. Under some circumstances, an invalid request may result in a allocated memory being freed twice. This can potentially result in the execution of arbitrary code.

Red Hat alert: Updated secureweb packages fix temporary file handling

  • Mailing list (Posted by dave on Aug 6, 2002 9:51 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated secureweb packages are now available for Red Hat Secure Web Server 3.

« Previous ( 1 ... 6461 6462 6463 6464 6465 6466 6467 6468 6469 6470 6471 ... 6502 ) Next »