Showing headlines posted by dave
« Previous ( 1 ... 539 540 541 542 543 544 545 546 547 548 549 ... 595 ) Next »Mandrake alert: Updated webmin packages fix session ID spoofing vulnerability
A vulnerability was discovered in webmin by Cintia M. Imanishi, in the miniserv.pl program, which is the core server of webmin. This vulnerability allows an attacker to spoof a session ID by including special metacharacters in the BASE64 encoding string used during the authentication process. This could allow an attacker to gain full administrative access to webmin.
SuSE alert: openssl
OpenSSL is an implementation of the Secure Sockets Layer and Transport Layer Security protocols and provides strong cryptography for many applications in a Linux system. It is a default package in all SuSE products.
SuSE alert: libmcrypt
Libmcrypt is a data encryption library that is able to load crypto- modules at run-time by using libltdl. Versions of libmcrypt prior to 2.5.5 include several buffer overflows that can be triggered by passing very long input to the mcrypt_* functions. The way libmcrypt handles dynamic crypto-modules via libltdl leads to memory-leaks that can cause a Denial-of-Service condition. This Problem can just be solved by linking modules static. This security update does not solve the memory-leak problem to avoid compatibility problems. Future releases of libmcrypt will be linked statically.
Mandrake alert: Updated packages fix multiple vulnerabilities
The following packages are now available for Multi Network Firewall 8.2 and bring it up to the same errata level as Mandrake Linux 8.2 with all patches and updates available to date applied.
Red Hat alert: Updated vte packages fix gnome-terminal vulnerability
Updated vte packages that fix a vulnerability in gnome-terminal are
available for Red Hat Linux 8.0.
Mandrake alert: Updated vnc packages fix cookie vulnerability
A vulnerability was discovered in the VNC server script that generates an X cookie, used by X authentication. The script generated a cookie that was not strong enough and allow an attacker to more easily guess the authentication cookie, thus obtaining unauthorized access to the VNC server.
Mandrake alert: Updated lynx packages fix CRLF injection vulnerability
A vulnerability was discovered in lynx, a text-mode web browser. The HTTP queries that lynx constructs are from arguments on the command line or the $WWW_HOME environment variable, but lynx does not properly sanitize special characters such as carriage returns or linefeeds. Extra headers can be inserted into the request because of this, which can cause scripts that use lynx to fetch data from the wrong site from servers that use virtual hosting.
Debian alert: New OpenSSL packages fix timing-based attack vulnerability
A vulnerability has been discovered in OpenSSL, a Secure Socket Layer
(SSL) implementation. In an upcoming paper, Brice Canvel (EPFL),
Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and Martin Vuagnoux (EPFL,
Ilion) describe and demonstrate a timing-based attack on CBC cipher
suites used in SSL and TLS. OpenSSL has been found to vulnerable to
this attack.
Mandrake alert: Updated krb5 packages fix vulnerability in FTP client
A vulnerability was discovered in the Kerberos FTP client. When the client retrieves a file that has a filename beginning with a pipe character, the FTP client will pass that filename to the command shell in a system() call. This could allow a malicious remote FTP server to write to files outside of the current directory or even execute arbitrary commands as the user using the FTP client.
Mandrake alert: Updated openssl packages fix timing-based attack vulnerability
In an upcoming paper, Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and Martin Vuagnoux (EPFL, Ilion) describe and demonstrate a timing-based attack on CBC ciphersuites in SSL and TLS.
Debian alert: New slocate packages fix local root exploit
A problem has been discovered in slocate, a secure locate replacement.
A buffer overflow in the setuid program slocate can be used to execute
arbitrary code as superuser.
Red Hat alert: Updated VNC packages fix replay and cookie vulnerabilities
Updated VNC packages are available to fix a challenge replay vulnerability
and a weak cookie vulnerability.
Red Hat alert: Updated shadow-utils packages fix exposure
Updated shadow-utils packages correct a bug that caused the useradd tool to
create mail spools with incorrect permissions.
Mandrake alert: Updated php packages fix buffer overflow vulnerability
A buffer overflow was discovered in the wordwrap() function in versions of PHP greater than 4.1.2 and less than 4.3.0. Under certain circumstances, this buffer overflow can be used to overwite heap memory and could potentially lead to remote system compromise.
Mandrake alert: Updated apcupsd packages fix buffer overflow and remove vulnerability
A remote root vulnerability in slave setups and some buffer overflows in the network information server code were discovered by the apcupsd developers. They have been fixed in the latest unstable version, 3.10.5 which contains additional enhancements like USB support, and the latest stable version, 3.8.6.
Mandrake alert: Updated pam packages fix root authorization handling in pam_xauth module
Andreas Beck discovered that the pam_xauth module would forward authorization information from the root account to unprivileged users. This can be exploited by a local attacker to gain access to the root user's X session. In order for it to be successfully exploited, the attacker would have to somehow get the root user to su to the account belonging to the attacker.
SuSE alert: mod_php4
The Apache module mod_php4 supports the widely used Web scripting language PHP. Under some special circumstances a buffer overflow can be triggered in mod_php4's wordwrap() function. This buffer overflow can be used to overwrite heap memory and possibly can lead to remote system compromise. Just mod_php4 versions greater than 4.1.2 and less than 4.3.0 are vulnerable. This affects SuSE Linux 8.1 and all SuSE Linux Enterprise Server 8 based products.
SuSE alert: imp
IMP is a well known PHP-based web-mail system. Some SQL-injection vulnerabilities were found in IMP 2.x that allow an attacker to access the underlying database. No authentication is needed to exploit this bug. An attacker can gain access to protected information or, in conjunction with PostgreSQL, execute shell commands remotely.
Debian alert: New CUPS packages fix wrong libPNG dependency
This update corrects a library dependency for the libcupsys2 package
which sneaked in with the last security update to CUPS for the stable
distribution (woody).
Debian alert: New w3m packages fix cookie information leak
Hironori Sakamoto, one of the w3m developers, found two security
vulnerabilities in w3m and associated programs. The w3m browser does
not properly escape HTML tags in frame contents and img alt
attributes. A malicious HTML frame or img alt attribute may deceive a
user to send his local cookies which are used for configuration. The
information is not leaked automatically, though.
« Previous ( 1 ... 539 540 541 542 543 544 545 546 547 548 549 ... 595 ) Next »