Showing headlines posted by dave
« Previous ( 1 ... 531 532 533 534 535 536 537 538 539 540 541 ... 595 ) Next »Red Hat alert: Updated KDE packages fix security issues
This erratum provides updated KDE packages to resolve two security issues.
Red Hat alert: Updated KDE packages fix security issues
This erratum provides updated KDE packages to resolve two security issues.
Mandrake alert: Updated kopete packages fix vulnerability with GnuPG plugin
A vulnerability was discovered in versions of kopete, a KDE instant messenger client, prior to 0.6.2. This vulnerabiliy is in the GnuPG plugin that allows for users to send each other GPG-encrypted instant messages. The plugin passes encrypted messages to gpg, but does no checking to sanitize the commandline passed to gpg. This can allow remote users to execute arbitrary code, with the permissions of the user running kopete, on the local system.
Mandrake alert: Updated mgetty packages fix vulnerabilities
Two vulnerabilities were discovered in mgetty versions prior to 1.1.29. An internal buffer could be overflowed if the caller name reported by the modem, via Caller ID information, was too long. As well, the faxspool script that comes with mgetty used a simple permissions scheme to allow or deny fax transmission privileges. Because the spooling directory used for outgoing faxes was world-writeable, this scheme was easily circumvented. Update: The installation of mgetty-sendfax on Mandrake Linux 8.2 relied on macros that are not existant, which would result in fresh installs of mgetty-sendfax being unable to work. Updated packages for 8.2 correct this.
Debian alert: New fuzz packages fix buffer overflow
Joey Hess discovered that fuzz, a software stress-testing tool,
creates a temporary file without taking appropriate security
precautions. This bug could allow an attacker to gain the privileges
of the user invoking fuzz, excluding root (fuzz does not allow itself
to be invoked as root).
Debian alert: New libgtop packages fix buffer overflow
The gtop daemon, used for monitoring remote machines, contains a
buffer overflow which could be used by an attacker to execute
arbitrary code with the privileges of the daemon process. If started
as root, the daemon process drops root privileges, assuming uid and
gid 99 by default.
Mandrake alert: Updated man packages fix vulnerability
A difficult to exploit vulnerability was discovered in versions of man prior to 1.5l. A bug exists in man that could cause a program named "unsafe" to be executed due to a malformed man file. In order to exploit this bug, a local attacker would have to be able to get another user to read the malformed man file, and the attacker would also have to create a file called "unsafe" that would be located somewhere in the victim's path.
Mandrake alert: Updated mgetty packages fix vulnerabilities
Two vulnerabilities were discovered in mgetty versions prior to 1.1.29. An internal buffer could be overflowed if the caller name reported by the modem, via Caller ID information, was too long. As well, the faxspool script that comes with mgetty used a simple permissions scheme to allow or deny fax transmission privileges. Because the spooling directory used for outgoing faxes was world-writeable, this scheme was easily circumvented.
Debian alert: New leksbot packages fix improper setuid-root execution
Maurice Massar discovered that, due to a packaging error, the program
/usr/bin/KATAXWR was inadvertently installed setuid root. This
program was not designed to run setuid, and contained multiple
vulnerabilities which could be exploited to gain root privileges.
Debian alert: New Balsa packages fix buffer overflow
Byrial Jensen discovered a couple of off-by-one buffer overflow in the
IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME,
GPG, PGP and threading. This code is imported in the Balsa package.
This problem could potentially allow a remote malicious IMAP server to
cause a denial of service (crash) and possibly execute arbitrary code
via a specially crafted mail folder.
Red Hat alert: Updated mod_auth_any packages available
Updated mod_auth_any packages are now available for Red Hat Linux.
Red Hat alert: Updated MySQL packages fix vulnerabilities
Updated MySQL server packages fix both a double-free security
vulnerability and a root exploit security vulnerability.
[Updated 1 May 2003]
Added updated packages for Red Hat Linux 9, which is vulnerable to
CAN-2003-0150.
Debian alert: New EPIC4 packages fix DoS and arbitrary code execution
Timo Sirainen discovered several problems in EPIC4, a popular client
for Internet Relay Chat (IRC). A malicious server could craft special
reply strings, triggering the client to write beyond buffer
boundaries. This could lead to a denial of service if the client only
crashes, but may also lead to executing of arbitrary code under the
user id of the chatting user.
Debian alert: New snort packages fix remote root exploits
Two vulnerabilities have been discoverd in Snort, a popular network
intrusion detection system. Snort comes with modules and plugins that
perform a variety of functions such as protocol analysis. The
following issues have been identified:
Red Hat alert: Updated man packages fix minor vulnerability
Updated man packages fix a minor security vulnerability.
Debian alert: New mime-support packages really fix temporary file race conditions
I am awfully and sincerely sorry. Apparently, I wasn't able to assign
enough time to this issue and produced insufficiently tested
updates. I'll do my best not to repeat this.
Debian alert: New kdebase packages fix arbitrary command execution
The KDE team discoverd a vulnerability in the way KDE uses Ghostscript
software for processing of PostScript (PS) and PDF files. An attacker
could provide a malicious PostScript or PDF file via mail or websites
that could lead to executing arbitrary commands under the privileges
of the user viewing the file or when the browser generates a directory
listing with thumbnails.
Debian alert: New pptpd packages fix remote root exploit
Timo Sirainen discovered a vulnerability in pptpd, a Point to Point
Tunneling Server, which implements PPTP-over-IPSEC and is commonly
used to create Virtual Private Networks (VPN). By specifying a small
packet length an attacker is able to overflow a buffer and execute
code under the user id that runs pptpd, probably root. An exploit for
this problem is already circulating.
Red Hat alert: Updated MySQL packages fix vulnerabilities
Updated MySQL server packages fix both a double-free security
vulnerability and a root exploit security vulnerability.
Red Hat alert: Updated zlib packages fix gzprintf buffer overflow vulnerability
Updated zlib packages are now available which fix a buffer overflow
vulnerability.
« Previous ( 1 ... 531 532 533 534 535 536 537 538 539 540 541 ... 595 ) Next »