Showing headlines posted by dave

« Previous ( 1 ... 544 545 546 547 548 549 550 551 552 553 554 ... 595 ) Next »

Red Hat alert: Updated MySQL packages fix various security issues

  • Mailing list (Posted by dave on Jan 15, 2003 10:23 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated MySQL packages are available for Red Hat Linux 7, 7.1, 7.2, 7.3, and 8.0 which fix security vulnerabilities found in the MySQL server.

Debian alert: New IMP packages fix SQL injection and typo

  • Mailing list (Posted by dave on Jan 15, 2003 8:11 AM EDT)
  • Story Type: Security; Groups: Debian
The advisory DSA 229-1 contained a typo in one file which could cause certain installations to fail suddenly.

Debian alert: New IMP packages fix SQL injection

  • Mailing list (Posted by dave on Jan 15, 2003 6:15 AM EDT)
  • Story Type: Security; Groups: Debian
Jouko Pynnonen discovered a probem with IMP, a web based IMAP mail program. Using carefully crafted URLs a remote attacker is able to inject SQL code into SQL queries without proper user authentication. Even though results of SQL queries aren't directly readable from the screen, an attacker might. update his mail signature to contain wanted query results and then view it on the preferences page of IMP.

Mandrake alert: Updated OpenLDAP packages fix multiple vulnerabilities

A review was completed by the SuSE Security Team on the OpenLDAP server software, and this audit revealed several buffer overflows and other bugs that remote attackers could exploit to gain unauthorized access to the system running the vulnerable OpenLDAP servers. Additionally, various locally exploitable bugs in the OpenLDAP v2 libraries have been fixed as well.

Mandrake alert: Updated leafnode packages fix remote DoS vulnerability

A vulnerability was discovered by Jan Knutar in leafnode that Mark Brown pointed out could be used in a Denial of Service attack. This vulnerability causes leafnode to go into an infinite loop with 100% CPU use when an article that has been crossposed to several groups, one of which is the prefix of another, is requested by it's Message-ID.

Red Hat alert: Updated PostgreSQL packages fix security issues and bugs

  • Mailing list (Posted by dave on Jan 14, 2003 1:41 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PostgreSQL packages are available for Red Hat Linux 7.3 and 8.0. These packages correct several security and other bugs. A separate advisory deals with updated PostgreSQL packages for Red Hat Linux 6.2, 7, 7.1, and 7.

Red Hat alert: Updated PostgreSQL packages fix buffer overrun vulnerabilities

  • Mailing list (Posted by dave on Jan 14, 2003 1:41 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PostgreSQL packages are available for Red Hat Linux 6.2, 7, 7.1, and 7.2 where we have backported a number of security fixes. A separate advisory deals with updated PostgreSQL packages for Red Hat Linux 7.3 and 8.0.

Debian alert: New libmcrypt packages fix buffer overflows and memory leak

  • Mailing list (Posted by dave on Jan 14, 2003 6:37 AM EDT)
  • Story Type: Security; Groups: Debian
Ilia Alshanetsky discovered several buffer overflows in libmcrypt, a decryption and encryption library, that originates in from improper or lacking input validation. By passing input which is longer then expected to a number of functions (multiple functions are affected) the user can successful make libmcrypt crash and may be able to insert arbitrary, malicious, code which will be executed under the user libmcrypt runs as, e.g. inside a web server.

SuSE alert: libpng

  • Mailing list (Posted by dave on Jan 14, 2003 1:18 AM EDT)
  • Story Type: Security; Groups: SUSE
The library libpng provides several functions to encode, decode and manipulate Portable Network Graphics (PNG) image files. Due to wrong calculation of some loop offset values a buffer overflow can occur. The buffer overflow can lead to Denial-of-Service or even to remote compromise.

Mandrake alert: Updated KDE packages fix multiple vulnerabilities

Multiple instances of improperly quoted shell command execution exist in KDE 2.x up to and including KDE 3.0.5. KDE fails to properly quote parameters of instructions passed to the shell for execution. These parameters may contain data such as filenames, URLs, email address, and so forth; this data may be provided remotely to a victim via email, web pages, files on a network filesystem, or other untrusted sources.

Mandrake alert: Updated krb5 packages fix incorrect initscripts

A stack buffer overflow in the implementation of the Kerberos v4 compatibility administration daemon (kadmind4) in the krb5 package can be exploited to gain unauthorized root access to a KDC host. Authentication to the daemon is not required to successfully perform the attack and according to MIT at least one exploit is known to exist. kadmind4 is used only by sites that require compatibility with legacy administrative clients, and sites that do not have these needs are likely not using kadmind4 and are not affected.

Red Hat alert: Updated CUPS packages fix various vulnerabilities

  • Mailing list (Posted by dave on Jan 13, 2003 6:36 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated CUPS packages are available for Red Hat Linux 7.3 and 8.0 which fix various security issues.

Red Hat alert: Updated libpng packages fix buffer overflow

  • Mailing list (Posted by dave on Jan 13, 2003 6:29 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated libpng packages are available that fix a buffer overflow vulnerability.

Debian alert: New openldap packages fix buffer overflows and remote exploit

  • Mailing list (Posted by dave on Jan 13, 2003 6:07 AM EDT)
  • Story Type: Security; Groups: Debian
The SuSE Security Team reviewed critical parts of openldap2, an implementation of the Lightweight Directory Access Protocol (LDAP) version 2 and 3, and found several buffer overflows and other bugs remote attackers could exploit to gain access on systems running vulnerable LDAP servers. In addition to these bugs, various local exploitable bugs within the OpenLDAP2 libraries have been fixed.

Debian alert: New xpdf-i packages fix arbitrary command execution

  • Mailing list (Posted by dave on Jan 10, 2003 5:21 AM EDT)
  • Story Type: Security; Groups: Debian
iDEFENSE discovered an integer overflow in the pdftops filter from the xpdf and xpdf-i packages that can be exploited to gain the privileges of the target user. This can lead to gaining privileged access to the 'lp' user if thee pdftops program is part of the print filter.

Mandrake alert: Updated dhcpcd packages fix character expansion vulnerability

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP client daemon. dhcpcd has the ability to execute an external script named dhcpcd-<interface>.exe when an IP address is assigned to that network interface. The script sources the file /var/lib/dhcpcd/dhcpcd-<interface>.info which contains shell variables and DHCP assignment information. The way quotes are handled inside these assignments is flawed, and a malicious DHCP server can execute arbitrary shell commands on the vulnerable DHCP client system. This can also be exploited by an attacker able to spoof DHCP responses.

Mandrake alert: Updated xpdf packages fix integer overflow vulnerability

The pdftops filter found in both the xpdf and CUPS packages suffers from an integer overflow that can be exploited to gain the privilege of the victim user.

Mandrake alert: Updated CUPS packages fix multiple vulnerabilities

iDefense reported several security problems in CUPS that can lead to local and remote root compromise.

Red Hat alert: Updated Ethereal packages are available

  • Mailing list (Posted by dave on Jan 9, 2003 7:16 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated Ethereal packages are available which fix various security issues.

Debian alert: New tomcat packages fix source disclosure vulnerability

  • Mailing list (Posted by dave on Jan 9, 2003 5:53 AM EDT)
  • Story Type: Security; Groups: Debian
A security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x releases, which allows to use a specially crafted URL to return the unprocessed source of a JSP page, or, under special circumstances, a static resource which would otherwise have been protected by a security constraint, without the need for being properly authenticated. This is based on a variant of the exploit that was identified as CAN-2002-1148.

« Previous ( 1 ... 544 545 546 547 548 549 550 551 552 553 554 ... 595 ) Next »