Showing headlines posted by dave
Mandrake alert: Updated usermode packages remove insecure shutdown command
The /usr/bin/shutdown command that comes with the usermode package can be executed by local users to shut down all running processes and drop into a root shell. This command is not really needed to shut down a system, so it has been removed and all users are encouraged to upgrade. Please note that the user must have local console access in order to obtain a root shell in this fashion.
Debian alert: New ethereal packages fix arbitrary code execution
Georgi Guninski discovered a problem in ethereal, a network traffic
analyzer. The program contains a format string vulnerability that
could probably lead to execution of arbitrary code.
Red Hat alert: Updated file packages fix vulnerability
Updated file packages are available to close a buffer overflow vulnerability.
Mandrake alert: Updated file packages fix stack overflow vulnerability
A memory allocation problem in file was found by Jeff Johnson, and a stack overflow corruption problem was found by David Endler. These problems have been corrected in file version 3.41 and likely affect all previous versions. These problems pose a security threat as they can be used to execute arbitrary code by an attacker under the privileges of another user. Note that the attacker must first somehow convince the target user to execute file against a specially crafted file that triggers the buffer overflow in file.
Mandrake alert: Updated snort packages fix buffer overflow vulnerability
A buffer overflow was discovered in the snort RPC normalization routines by ISS-XForce which can cause snort to execute arbitrary code embedded within sniffed network packets. The rpc_decode preprocessor is enabled by default. The snort developers have released version 1.9.1 to correct this behaviour; snort versions from 1.8 up to 1.9.0 are vulnerable.
Red Hat alert: Updated OpenSSL packages fix timing attack
Updated OpenSSL packages are available that fix a potential timing-based
attack.
Red Hat alert: Updated im packages fix insecure handling of temporary files
New im packages are available that fix the insecure handling of temporary
files.
Red Hat alert: Updated squirrelmail packages close cross-site scripting vulnerabilities
Updated squirrelmail packages are now available for Red Hat Linux.
Debian alert: sendmail-wide remote exploit
This advisory is an addendum to DSA-257-1; the sendmail problem
discussed there also applies to the sendmail-wide packages.
Debian alert: sendmail remote exploit
Mark Dowd of ISS X-Force found a bug in the header parsing routines
of sendmail: it could overflow a buffer when encountering
addresses with very long comments. Since sendmail also parses headers
when forwarding emails this vulnerability can hit mail-servers which do
not deliver the email as well.
Slackware alert: Sendmail buffer overflow fixed
The sendmail packages in Slackware 8.1 and -current have been patched to fix
a security problem. All sites running sendmail should upgrade.
Mandrake alert: Updated sendmail packages fix remotely exploitable buffer overflow vulnerability
A vulnerability was discovered in sendmail by Mark Dowd of ISS X-Force that involves mail header manipulation that can result in a remote user gaining root access to the system running the vulnerable sendmail.
Mandrake alert: Updated tcpdump packages fix denial of service vulnerabilities
A vulnerability was discovered by Andrew Griffiths and iDEFENSE Labs in the tcpdump program. By sending a specially crafted network packet, an attacker is able to cause tcpdump to enter an infinite loop. In addition, the tcpdump developers found a potential infinite loop when tcpdump parses malformed BGP packets. A buffer overflow was also discovered that can be exploited with certain malformed NFS packets.
SuSE alert: sendmail
sendmail is the most widely used mail transport agent (MTA) in the internet. A remotely exploitable buffer overflow has been found in all versions of sendmail that come with SuSE products. These versions include sendmail-8.11 and sendmail-8.12 releases. sendmail is the MTA subsystem that is installed by default on all SuSE products up to and including SuSE Linux 8.0 and the SuSE Linux Enterprise Server 7.
Red Hat alert: Updated sendmail packages fix critical security issues
Updated Sendmail packages are available to fix a vulnerability that
may allow remote attackers to gain root privileges by sending a
carefully crafted message.
These packages also fix a security bug if sendmail is configured to use smrsh.
Debian alert: New mhc-utils packages fix predictable temporary file
It has been discovered that adb2mhc from the mhc-utils package uses a
predictable name for its default temporary directory. This adds a
vulnerability that allows a local attacker to overwrite arbitrary
files the user has write permissions for.
Debian alert: New tcpdump packages fix denial of service vulnerability
Andrew Griffiths and iDEFENSE Labs discovered a problem in tcpdump, a
powerful tool for network monitoring and data acquisition. An
attacker is able to send a specially crafted network packet which
causes tcpdump to enter an infinite loop.
SuSE alert: hypermail
Hypermail is a tool to convert a Unix mail-box file to a set of cross-referenced HTML documents. During an internal source code review done by Thomas Biege several bugs were found in hypermail and its tools. These bugs allow remote code execution, local tmp race conditions, denial-of-service conditions and read access to files belonging to the host hypermail is running on. Additionally the mail CGI program can be abused by spammers as email-relay and should thus be disabled.
Debian alert: New NANOG traceroute packages fix buffer overflow
A vulnerability has been discovered in NANOG traceroute, an enhanced
version of the Van Jacobson/BSD traceroute program. A buffer overflow
occurs in the 'get_origin()' function. Due to insufficient bounds
checking performed by the whois parser, it may be possible to corrupt
memory on the system stack. This vulnerability can be exploited by a
remote attacker to gain root privileges on a target host. Though,
most probably not in Debian.
Mandrake alert: Updated shadow-utils packages fix improper mailspool ownership
The shadow-utils package contains the tool useradd, which is used to create or update new user information. When useradd creates an account, it would create it with improper permissions; instead of having it owned by the group mail, it would be owned by the user's primary group. If this is a shared group (i.e. "users"), then all members of the shared group would be able to obtain access to the mail spools of other members of the same group. A patch to useradd has been applied to correct this problem.