Showing headlines posted by dave

« Previous ( 1 ... 563 564 565 566 567 568 569 570 571 572 573 ... 595 ) Next »

Debian alert: New CFS packages fix security problems

  • Mailing list (Posted by dave on Mar 2, 2002 1:20 AM EDT)
  • Story Type: Security; Groups: Debian
Zorgon found several buffer overflows in cfsd, a daemon that pushes encryption services into the Unix(tm) file system. We are not yet sure if these overflows can successfully be exploited to gain root access to the machine running the CFS daemon. However, since cfsd can easily be forced to die, a malicious user can easily perform a denial of service attack to it.

Debian alert: New PHP packages fix security problems

  • Mailing list (Posted by dave on Mar 1, 2002 11:38 PM EDT)
  • Story Type: Security; Groups: Debian
Stefan Esser, who is also a member of the PHP team, found several flaws in the way PHP handles multipart/form-data POST requests (as described in RFC1867) known as POST fileuploads. Each of the flaws could allow an attacker to execute arbitrary code on the victim's system.

Mandrake alert: cyrus-sasl update

Kari Hurtta discovered that a format bug exists in the Cyrus SASL library, which is used to provide an authentication API for mail clients and servers, as well as other services such as LDAP. The format bug was found in one of the logging functions which could be used by an attacker to obtain acces to a machine or to possibly acquire elevated privileges. Thanks to the SuSE security team for providing the fix.

Mandrake alert: php update

Several flaws exist in various versions of PHP in the way it handles multipart/form-data POST requests, which are used for file uploads. The php_mime_split() function could be used by an attacker to execute arbitrary code on the server. This affects both PHP4 and PHP3. The authors have fixed this in PHP 4.1.2 and provided patches for older versions of PHP.

SuSE alert: mod_php/mod_php4

  • Mailing list (Posted by dave on Feb 28, 2002 11:58 AM EDT)
  • Story Type: Security; Groups: SUSE
The e-matters team have found multiple remotely exploitable vulnerabilites in the source code responsible for file upload in the apache modules mod_php and mod_php4 (versions 3 and 4). The weakness can be used to have the webserver execute arbitrary code as supplied by the attacker.

Red Hat alert: Updated PHP packages are available

  • Mailing list (Posted by dave on Feb 28, 2002 8:59 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PHP packages are available to fix vulnerabilities in the functions that parse multipart MIME data, which are used when uploading files through forms.

Debian alert: Update for SNMP security fix

  • Mailing list (Posted by dave on Feb 28, 2002 5:07 AM EDT)
  • Story Type: Security; Groups: Debian
Some of the changes made in the DSA-111-1 security fix for SNMP changed the API and ABI for the SNMP library which broke some other applications.

SuSE alert: Resend: cups

  • Mailing list (Posted by dave on Feb 27, 2002 5:06 PM EDT)
  • Story Type: Security; Groups: SUSE
We re-release SuSE Security Announcement SuSE-SA:2002:005 with the new announcement ID SuSE-SA:2002:006 due to minor packaging errors that can result in a malfunction of the printing subsystem. The erroneous packages have been removed from the ftp server. The new packages are in place as announced in the URL list below.

Red Hat alert: Updated 2.4 kernel available

  • Mailing list (Posted by dave on Feb 27, 2002 10:59 AM EDT)
  • Story Type: Security; Groups: Red Hat
The Linux Netfilter team has found a problem in the "IRC connection tracking" component of the firewall within the linux kernel. This problem affects Red Hat Linux versions 7.1 and 7.

Mandrake alert: squid update

Three security issues were found in the 2.x versions of the Squid proxy server up to and including 2.4.STABLE3.

Red Hat alert: New squid packages available

  • Mailing list (Posted by dave on Feb 26, 2002 1:22 PM EDT)
  • Story Type: Security; Groups: Red Hat
New squid packages are available that fix various vulnerabilities. Some of these vulnerabilities could be used to perform a denial of service (DoS) attack or allow remote users to execute code as the user squid.

SuSE alert: Re: cups

  • Mailing list (Posted by dave on Feb 26, 2002 4:52 AM EDT)
  • Story Type: Security; Groups: SUSE
We have retracted the security update packages for cups as announced by SuSE Security announcement SuSE-SA:2002:005 due to errors in the binary packages.

SuSE alert: cups

  • Mailing list (Posted by dave on Feb 25, 2002 3:42 AM EDT)
  • Story Type: Security; Groups: SUSE
The well known Common Unix Printing System (CUPS) was found vulnerable to a buffer overflow in the Internet Printing Protocol (IPP) handling code. The buffer overflow could be exploited by a remote attacker as long as their IP address is allowed to connect to the CUPS server.

Mandrake alert: squid update

Three security issues were found in the 2.x versions of the Squid proxy server up to and including 2.4.STABLE3. The first is a memory leak in the optional SNMP interface to Squid which could allow a malicious user who can send packets to the Squid SNMP port to possibly perform a Denial of Service attack on ther server if the SNMP interface is enabled. The next is a buffer overflow in the implementation of ftp:// URLs where allowed users could possibly perform a DoS on the server, and may be able to trigger remote execution of code (which the authors have not yet confirmed). The final issue is with the HTCP interface which cannot be properly disabled from squid.conf; HTCP is enabled by default on Mandrake Linux systems.

Red Hat alert: Updated ncurses4 compat packages are available

  • Mailing list (Posted by dave on Feb 21, 2002 1:08 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated ncurses4 compatability packages which fix a potential security problem are available.

Debian alert: New GNUJSP packages fix directory and script source disclosure

  • Mailing list (Posted by dave on Feb 21, 2002 3:22 AM EDT)
  • Story Type: Security; Groups: Debian
Thomas Springer found a vulnerability in GNUJSP, a Java servlet that allows you to insert Java source code into HTML files. The problem can be used to bypass access restrictions in the web server. An attacker can view the contents of directories and download files directly rather then receiving their HTML output. This means that the source code of scripts could also be revealed.

Debian alert: New ncurses packages available

  • Mailing list (Posted by dave on Feb 18, 2002 3:36 PM EDT)
  • Story Type: Security; Groups: Debian
Several buffer overflows were fixed in the "ncurses" library in November 2000. Unfortunately, one was missed. This can lead to crashes when using ncurses applications in large windows.

Debian alert: New hanterm packages fix buffer overflow

  • Mailing list (Posted by dave on Feb 16, 2002 10:22 AM EDT)
  • Story Type: Security; Groups: Debian
A set of buffer overflow problems have been found in hanterm, a Hangul terminal for X11 derived from xterm, that will read and display Korean characters in its terminal window. The font handling code in hanterm uses hard limited string variables but didn't check for boundaries.

Mandrake alert: cups update

There is a potential buffer overflow vulnerability in CUPS when reading the names of attributes. This bug affects all versions of CUPS and is fixed upstream in version 1.1.14.

Mandrake alert: ucd-snmp update

The Oulu University Secure Programming Group (OUSPG) has identified numerous vulnerabilities in multiple vendor SNMPv1 implementations. These vulnerabilities may allow unauthorized privileged access, denial of service attacks, or unstable behaviour.

« Previous ( 1 ... 563 564 565 566 567 568 569 570 571 572 573 ... 595 ) Next »