Showing headlines posted by dave
« Previous ( 1 ... 537 538 539 540 541 542 543 544 545 546 547 ... 595 ) Next »Red Hat alert: New kernel 2.2 packages fix vulnerabilities
Updated kernel packages for Red Hat Linux 6.2 and 7.0 are now available
that fix several security vulnerabilities.
Red Hat alert: Updated glibc packages fix vulnerabilities in RPC XDR decoder
Updated glibc packages are available to fix an integer overflow in the XDR
decoder.
Debian alert: New lxr packages fix information disclosure
Upstream developers of lxr, a general hypertext cross-referencing
tool, have been alerted of a vulnerability that allows a remote
attacker to read arbitrary files on the host system as user www-data.
This could disclose local files that were not meant to be shared with
the public.
SuSE alert: samba
Sebastian Krahmer, SuSE Security Team, reviewed security-critical parts of the Samba server within the scope of security audits that the SuSE Security Team conducts on a regular basis for security-critical Open Source Software. Buffer overflows and a chown race condition have been discovered and fixed during the security audit. The buffer overflow vulnerabilitiy allows a remote attacker to execute arbitrary commands as root on the system running samba. In addition to the flaws fixed in the samba server, some overflow conditions in the samba-client package have been fixed with the available update packages. It is strongly recommended to install the update packages on a system where the samba package is used.
SuSE alert: samba
Sebastian Krahmer, SuSE Security Team, reviewed security-critical parts of the Samba server within the scope of security audits that the SuSE Security Team conducts on a regular basis for security-critical Open Source Software. Buffer overflows and a chown race condition have been discovered and fixed during the security audit. The buffer overflow vulnerabilitiy allows a remote attacker to execute arbitrary commands as root on the system running samba. In addition to the flaws fixed in the samba server, some overflow conditions in the samba-client package have been fixed with the available update packages. It is strongly recommended to install the update packages on a system where the samba package is used.
Mandrake alert: Updated zlib packages fix buffer overrun vulnerability
Richard Kettlewell discovered a buffer overflow vulnerability in the zlib library's gzprintf() function. This can be used by attackers to cause a denial of service or possibly even the execution of arbitrary code. Our thanks to the OpenPKG team for providing a patch which adds the necessary configure script checks to always use the secure vsnprintf(3) and snprintf(3) functions, and which additionally adjusts the code to correctly take into account the return value of vsnprintf(3) and snprintf(3).
Red Hat alert: New samba packages fix security vulnerabilities
Updated Samba packages are now available to fix security vulnerabilities
found during a code audit.
Red Hat alert: Updated 2.4 kernel fixes vulnerability
Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 are now
available. These packages fix a ptrace-related vulnerability that can
lead to elevated (root) privileges.
Debian alert: New tcpdump packages fix denial of service vulnerability
Al Viro and Alan Cox discovered several maths overflow errors in
NetPBM, a set of graphics conversion tools. These programs are not
installed setuid root but are often installed to prepare data for
processing. These vulnerabilities may allow remote attackers to cause
a denial of service or execute arbitrary code.
Red Hat alert: Updated rxvt packages fix various vulnerabilites
Updated rxvt packages are available which fix a number of vulnerabilities
in the handling of escape sequences.
Red Hat alert: Updated Gnome-lokkit packages fix vulnerability
Updated Gnome-lokkit packages fix missing FORWARD ruleset in Red Hat Linux 8.0
Mandrake alert: Updated samba packages fix remote root vulnerability
The SuSE security team, during an audit of the Samba source code, found a flaw in the main smbd code which could allow an external attacker to remotely and anonymously gain root privilege on a system running the Samba server. This flaw exists in all version of Samba 2.x up to and including 2.2.7a. The Samba team announced 2.2.8 today, however these updated packages include a patch that corrects this problem.
Slackware alert: Samba buffer overflow fixed
The samba packages in Slackware 8.1 and -current have been patched to fix
a security problem. All sites running samba should upgrade.
Debian alert: samba security fix
Sebastian Krahmer of the SuSE security audit team found two problems
in samba, a popular SMB/CIFS implementation. The problems are:
Mandrake alert: Updated usermode packages remove insecure shutdown command
The /usr/bin/shutdown command that comes with the usermode package can be executed by local users to shutdown all running processes and drop into a root shell. This command is not really needed to shutdown a system, so it has been removed and all users are encouraged to upgrade. Please note that the user must have local console access in order to obtain a root shell in this fashion. Update: The previous updated packages did not properly fix the problem. The pam files that allow a (physically) local user to shutdown were not removed. This has been corrected.
Debian alert: New tcpdump packages fix denial of service vulnerability
A problem has been discovered in tcpdump, a powerful tool for network
monitoring and data acquisition. An attacker is able to send a
specially crafted RADIUS network packet which causes tcpdump to enter
an infinite loop.
SuSE alert: tcpdump
The network traffic analyzer tool tcpdump is vulnerable to a denial-of- service condition while parsing ISAKMP or BGP packets. This bug can be exploited remotely by an attacker to stop the use of tcpdump for analyzing network traffic for signs of security breaches or alike. Another bug may lead to system compromise due to the handling of malformed NFS packets send by an attacker. Please note, that tcpdump drops root privileges right after allocating the needed raw sockets.
SuSE alert: lprold
The lprm command of the printing package lprold shipped till SuSE 7.3 contains a buffer overflow. This buffer overflow can be exploited by a local user, if the printer system is set up correctly, to gain root privileges. lprold is installed as default package and has the setuid bit set.
Debian alert: New file package fixes buffer overflow
iDEFENSE discovered a buffer overflow vulnerability in the ELF format
parsing of the "file" command, one which can be used to execute
arbitrary code with the privileges of the user running the command. The
vulnerability can be exploited by crafting a special ELF binary which is
then input to file. This could be accomplished by leaving the binary on
the file system and waiting for someone to use file to identify it, or
by passing it to a service that uses file to classify input. (For
example, some printer filters run file to determine how to process input
going to a printer.)
Debian alert: qpopper user privilege escalation
Florian Heinz <heinz@cronon-ag.de> posted to the Bugtraq mailing list an
exploit for qpopper based on a bug in the included vsnprintf implementation.
The sample exploit requires a valid user account and password, and overflows a
string in the pop_msg() function to give the user "mail" group privileges and a
shell on the system. Since the Qvsnprintf function is used elsewhere in
qpopper, additional exploits may be possible.
« Previous ( 1 ... 537 538 539 540 541 542 543 544 545 546 547 ... 595 ) Next »