Showing headlines posted by dave
Red Hat alert: kernel 2.2 and 2.4: syncookie vulnerability
Syncookies are used to protect a system against certain Denial Of Service
(DOS) attacks. A flaw in this mechanism has been found which can be used to
circumvent certain types of firewall configurations.
Note: syncookies are not enabled in the default installation of Red Hat
Linux but many server administrators do enable syncookies.
SuSE alert: kernel (update)
Information about the security problems fixed with the new kernel rpm packages from SuSE Security Announcement: kernel (SuSE-SA:2001:036) has been withheld in coordination with other Linux distributors/vendors. We hereby re-release SuSE-SA:2001:036 with the new announcement ID SuSE-SA:2001:039, now including additional information about the bugs fixed.
Red Hat alert: New ucd-snmp package to fix several security vulnerabilities
Updated ucd-snmp packages are now available for Red Hat Linux 6.2, 7 and
7.1. These packages include fixes for the following problems:
- /tmp race and setgroups() privilege problem
- Various buffer overflow and format string issues
- One signedness problem in ASN handling
It is recommended that all users update to the fixed packages.
Red Hat alert: Comprehensive Printing Update
A collection of security fixes, bug fixes, and functionality updates,
including the Omni print drivers from IBM.
SuSE alert: uucp
UUCP is a well-known tool suite for copying data between unix-like systems. Zen-Parse reported that the higher privileges of uux (UID uucp) aren't dropped if long options instead of normal (short) options are used. An attacker could exploit this hole by specifying a malicious configuration file to execute and/or access arbitrary data with the privilege of user uucp.
Red Hat alert: New teTeX packages available
Updated teTeX packages are available, fixing a temporary file handling
vulnerability and an insecure invocation of dvips in a print filter.
Red Hat alert: Updated webalizer package available
This updated webalizer package fixes a security problem and some minor bugs.
Red Hat alert: Updated webalizer packages available
Updated webalizer packages are available which fix a security problem and
some minor bugs.
Red Hat alert: Updated webalizer packages available
Updated webalizer packages are available which fix a security problem and
some minor bugs.
SuSE alert: squid
The squid proxy server can be crashed with a malformed request, resulting in a denial of service attack. After the crash, the squid proxy must be restarted. The weakness can only be triggered from an address that is allowed to send requests, as configured in the squid configuration file.
Red Hat alert: Printing exposes system files to reading.
When used in a spooling environment, it is inappropriate to allow programs
to read arbitrary files as a result of print requests. Ghostscript, a
postscript interpreter, can read arbitrary system files with the same
permissions as the print spooler, potentially exposing the system to an
information compromise.
SuSE alert: kernel
Two security related problems have been found in both the 2.2 and
2.4 series kernels:
Red Hat alert: Updated mod_auth_pgsql packages available
Updated mod_auth_pgsql packages are now available for Red Hat Linux 7.
Red Hat alert: Updated mod_auth_pgsql packages available
Updated mod_auth_pgsql packages are now available for Red Hat Linux 7.
SuSE alert: htdig
ht://Dig is a powerful indexing and information gathering tool for the web. ht://Dig's search engine htsearch could be run by an http server as a CGI program or standalone as a commandline tool. Due to insufficient checking of the running environment it is possible to use commandline options via CGI. A remote attacker could use the -c option to specify /dev/zero as an alternate config file to cause a denial of service for some minutes. To read files with the privilege of the http server by abusing the -c option an attacker needs write access to the server running htsearch.
SuSE alert: shadow/login
Multiple Linux vendors have issued security announcements about failures of the /bin/login program to properly initialize the privileges of an authenticated user if the PAM module pam_limits is enabled. The bug has been categorized as a sequence bug, and is located in the code of the login program itself: A call to getpwnam(3) returns a pointer to a struct passwd, and the data is being used. Then, a call to PAM routines causes getpwnam(3) to be called again, but beyond the programmer's control or knowledge. The pointer as returned by the first getpwnam(3) remains the same, but the data may be different. As a consequence, the data is in an undefined state. The error appears with the pam_limits PAM module only because other PAM modules do not call getpwnam(3).
Red Hat alert: New kernel 2.4 packages are available
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
2001-10-22: Kernel updates are now available for Red Hat Linux 7.
Announcing the availability of Red Hat Linux 7.2 (Enigma)
Red Hat, Inc. (NASDAQ:RHAT)
today announced that Red Hat Linux 7.2 and Red Hat Linux Professional are
now available in stores, through computer resellers and direct from Red Hat.
The latest version of the market leading Linux distribution adds significant
new capabilities, both for use as a workstation and use as a server. Red Hat
Linux 7.2 and Red Hat Linux Professional will also be available through
hardware partners in the coming weeks.
Red Hat alert: New squid packages available to fix FTP-based DoS
New squid packages are available that fix a potential DoS in Squid's FTP
handling code. It is recommended that squid users update to the fixed
packages.
The packages for Red Hat Linux 6.2 also fix the problem described in
RHSA-2001:097-04; it was later discovered that Red Hat Linux 6.2 is
vulnerable to the same problem in accelerator-only mode.
2001-10-22: Packages are now available for Red Hat Linux 7.
Red Hat alert: New squid packages available to fix FTP-based DoS
New squid packages are available that fix a potential DoS in Squid's FTP
handling code. It is recommended that squid users update to the fixed
packages.
The packages for Red Hat Linux 6.2 also fix the problem described in
RHSA-2001:097-04; it was later discovered that Red Hat Linux 6.2 is
vulnerable to the same problem in accelerator-only mode.
2001-10-22: Packages are now available for Red Hat Linux 7.