Showing headlines posted by dave
« Previous ( 1 ... 575 576 577 578 579 580 581 582 583 584 585 ... 595 ) Next »SuSE alert: cron
The crontab program is running setuser-id root and invokes the editor specified in the EDITOR environment variable, usually vi. If crontab discovers that the format of the edited file is incorrect, it executes the editor again but fails to drop its root privileges before. Therefore it is possible to execute arbitrary commands as root. Sebastian Krahmer has found the bug. It has been fixed by properly dropping the privileges before executing the editor.
Red Hat alert: New samba packages available to fix /tmp races
New samba packages are available; these packages fix /tmp races
in smbclient and the printing code. By exploiting these vulnerabilities,
local users could overwrite any file in the system.
It is recommended that all samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
Note: these packages include the security patch from Samba-
Red Hat alert: New samba packages available to fix /tmp races
New samba packages are available; these packages fix /tmp races
in smbclient and the printing code. By exploiting these vulnerabilities,
local users could overwrite any file in the system.
It is recommended that all samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
Note: these packages include the security patch from Samba-
Red Hat alert: New Zope packages are available
New Zope packages are available which fix a security flaw with ZClass.
Red Hat alert: New Zope packages are available
New Zope packages are available which fix a security flaw with ZClass.
Red Hat alert: Updated minicom packages available
The minicom program allows any user with local shell access to obtain
group uucp priveledges. It may also be possible for the malicious user
to obtain root priveledges as well.
Red Hat alert: Updated minicom packages available
The minicom program allows any user with local shell access to obtain
group uucp priveledges. It may also be possible for the malicious user
to obtain root priveledges as well.
Debian alert: samba security fix update
Marc Jacobsen from HP discovered that the security fixes from samba
2.0.8 did not fully fix the /tmp symlink attack problem. The samba
team released version 2.0.9 to fix that, and those fixes have been
added to version 2.0.7-3.3 of the Debian samba packages.
Red Hat alert: Updated nedit packages available
Updated nedit packages fixing a security problem are available.
Debian alert: gftp remote exploit
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem
in its logging code: it logged data received from the network but it did
not protect itself from printf format attacks. An attacker can use this
by making a FTP server return special responses that exploit this.
Debian alert: man-db local exploit
Ethan Benson found a bug in man-db packages as distributed in
Debian/GNU/Linux 2.2. man-db includes a mandb tool which is used to
build an index of the manual pages installed on a system. When the -u or
- -c option were given on the command-line to tell it to write its database
to a different location it failed to properly drop privileges before
creating a temporary file. This makes it possible for an attacked to do
a standard symlink attack to trick mandb into overwriting any file that
is writable by uid man, which includes the man and mandb binaries.
Debian alert: zope remote unauthorized access
A new Zope hotfix has been released which fixes a problem in ZClasses.
The README for the 2001-05-01 hotfix describes the problem as `any user
can visit a ZClass declaration and change the ZClass permission mappings
for methods and other objects defined within the ZClass, possibly
allowing for unauthorized access within the Zope instance.'
Debian alert: cron local root exploit
A recent (fall 2000) security fix to cron introduced an error in giving
up privileges before invoking the editor. A malicious user could
easily gain root access.
SuSE alert: sgmltool
The sgmltool programs ("sgml2html" and others) are used to convert SGML-files into various other formats.
Red Hat alert: Updated mount package available
Updated mount packages fixing a potential security problem are available.
Red Hat alert: Updated kdelibs packages fixing security problem and memory leaks available
Updated kdelibs packages fixing a security problem, some memory leaks and
some minor bugs are available.
Debian alert: nedit symlink attack
The nedit (Nirvana editor) package as shipped in the non-free section
accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code:
when printing text it would create a temporary file with the to be
printed text and pass that on to the print system. The temporary file
was not created safely, which could be exploited by an attacked to make
nedit overwrite arbitrary files.
Debian alert: New versions of Zope fix vulnerabilities
This is an addition to DSA 043-1 which fixes several vulnerabilities
in Zope. Something went wrong so it has to be corrected. The
previous security release 2.1.6-7 has two severe problems:
Red Hat alert: gftp format string vulnerability corrected
An updated gftp package is available for Red Hat Linux 6.2 and 7.1. This
package contains an upgrade to gftp version
Debian alert: New sendfile packages fix root exploit
Daniel Kobras has discovered and fixed a problem in sendfiled which
caused the daemon not to drop privileges as expected when sendnig
notification mails. Exploiting this a local user can easily make it
execute arbitrary code under root privileges.
« Previous ( 1 ... 575 576 577 578 579 580 581 582 583 584 585 ... 595 ) Next »