Showing headlines posted by dave

« Previous ( 1 ... 575 576 577 578 579 580 581 582 583 584 585 ... 595 ) Next »

SuSE alert: cron

  • Mailing list (Posted by dave on May 15, 2001 4:48 AM EDT)
  • Story Type: Security; Groups: SUSE
The crontab program is running setuser-id root and invokes the editor specified in the EDITOR environment variable, usually vi. If crontab discovers that the format of the edited file is incorrect, it executes the editor again but fails to drop its root privileges before. Therefore it is possible to execute arbitrary commands as root. Sebastian Krahmer has found the bug. It has been fixed by properly dropping the privileges before executing the editor.

Red Hat alert: New samba packages available to fix /tmp races

  • Mailing list (Posted by dave on May 14, 2001 6:20 PM EDT)
  • Story Type: Security; Groups: Red Hat
New samba packages are available; these packages fix /tmp races in smbclient and the printing code. By exploiting these vulnerabilities, local users could overwrite any file in the system. It is recommended that all samba users upgrade to the fixed packages. Please note that the packages for Red Hat Linux 6.2 require an updated logrotate package. Note: these packages include the security patch from Samba-

Red Hat alert: New samba packages available to fix /tmp races

  • Mailing list (Posted by dave on May 14, 2001 6:20 PM EDT)
  • Story Type: Security; Groups: Red Hat
New samba packages are available; these packages fix /tmp races in smbclient and the printing code. By exploiting these vulnerabilities, local users could overwrite any file in the system. It is recommended that all samba users upgrade to the fixed packages. Please note that the packages for Red Hat Linux 6.2 require an updated logrotate package. Note: these packages include the security patch from Samba-

Red Hat alert: New Zope packages are available

  • Mailing list (Posted by dave on May 14, 2001 3:41 PM EDT)
  • Story Type: Security; Groups: Red Hat
New Zope packages are available which fix a security flaw with ZClass.

Red Hat alert: New Zope packages are available

  • Mailing list (Posted by dave on May 14, 2001 3:41 PM EDT)
  • Story Type: Security; Groups: Red Hat
New Zope packages are available which fix a security flaw with ZClass.

Red Hat alert: Updated minicom packages available

  • Mailing list (Posted by dave on May 10, 2001 11:19 AM EDT)
  • Story Type: Security; Groups: Red Hat
The minicom program allows any user with local shell access to obtain group uucp priveledges. It may also be possible for the malicious user to obtain root priveledges as well.

Red Hat alert: Updated minicom packages available

  • Mailing list (Posted by dave on May 10, 2001 11:19 AM EDT)
  • Story Type: Security; Groups: Red Hat
The minicom program allows any user with local shell access to obtain group uucp priveledges. It may also be possible for the malicious user to obtain root priveledges as well.

Debian alert: samba security fix update

  • Mailing list (Posted by dave on May 9, 2001 6:06 AM EDT)
  • Story Type: Security; Groups: Debian
Marc Jacobsen from HP discovered that the security fixes from samba 2.0.8 did not fully fix the /tmp symlink attack problem. The samba team released version 2.0.9 to fix that, and those fixes have been added to version 2.0.7-3.3 of the Debian samba packages.

Red Hat alert: Updated nedit packages available

  • Mailing list (Posted by dave on May 8, 2001 6:08 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated nedit packages fixing a security problem are available.

Debian alert: gftp remote exploit

  • Mailing list (Posted by dave on May 8, 2001 5:55 AM EDT)
  • Story Type: Security; Groups: Debian
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem in its logging code: it logged data received from the network but it did not protect itself from printf format attacks. An attacker can use this by making a FTP server return special responses that exploit this.

Debian alert: man-db local exploit

  • Mailing list (Posted by dave on May 8, 2001 5:55 AM EDT)
  • Story Type: Security; Groups: Debian
Ethan Benson found a bug in man-db packages as distributed in Debian/GNU/Linux 2.2. man-db includes a mandb tool which is used to build an index of the manual pages installed on a system. When the -u or - -c option were given on the command-line to tell it to write its database to a different location it failed to properly drop privileges before creating a temporary file. This makes it possible for an attacked to do a standard symlink attack to trick mandb into overwriting any file that is writable by uid man, which includes the man and mandb binaries.

Debian alert: zope remote unauthorized access

  • Mailing list (Posted by dave on May 7, 2001 7:01 AM EDT)
  • Story Type: Security; Groups: Debian
A new Zope hotfix has been released which fixes a problem in ZClasses. The README for the 2001-05-01 hotfix describes the problem as `any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance.'

Debian alert: cron local root exploit

  • Mailing list (Posted by dave on May 7, 2001 4:11 AM EDT)
  • Story Type: Security; Groups: Debian
A recent (fall 2000) security fix to cron introduced an error in giving up privileges before invoking the editor. A malicious user could easily gain root access.

SuSE alert: sgmltool

  • Mailing list (Posted by dave on May 4, 2001 4:54 AM EDT)
  • Story Type: Security; Groups: SUSE
The sgmltool programs ("sgml2html" and others) are used to convert SGML-files into various other formats.

Red Hat alert: Updated mount package available

  • Mailing list (Posted by dave on May 2, 2001 12:51 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated mount packages fixing a potential security problem are available.

Red Hat alert: Updated kdelibs packages fixing security problem and memory leaks available

  • Mailing list (Posted by dave on Apr 30, 2001 9:35 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated kdelibs packages fixing a security problem, some memory leaks and some minor bugs are available.

Debian alert: nedit symlink attack

  • Mailing list (Posted by dave on Apr 26, 2001 2:32 PM EDT)
  • Story Type: Security; Groups: Debian
The nedit (Nirvana editor) package as shipped in the non-free section accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code: when printing text it would create a temporary file with the to be printed text and pass that on to the print system. The temporary file was not created safely, which could be exploited by an attacked to make nedit overwrite arbitrary files.

Debian alert: New versions of Zope fix vulnerabilities

  • Mailing list (Posted by dave on Apr 25, 2001 11:49 PM EDT)
  • Story Type: Security; Groups: Debian
This is an addition to DSA 043-1 which fixes several vulnerabilities in Zope. Something went wrong so it has to be corrected. The previous security release 2.1.6-7 has two severe problems:

Red Hat alert: gftp format string vulnerability corrected

  • Mailing list (Posted by dave on Apr 25, 2001 12:30 PM EDT)
  • Story Type: Security; Groups: Red Hat
An updated gftp package is available for Red Hat Linux 6.2 and 7.1. This package contains an upgrade to gftp version

Debian alert: New sendfile packages fix root exploit

  • Mailing list (Posted by dave on Apr 23, 2001 2:14 AM EDT)
  • Story Type: Security; Groups: Debian
Daniel Kobras has discovered and fixed a problem in sendfiled which caused the daemon not to drop privileges as expected when sendnig notification mails. Exploiting this a local user can easily make it execute arbitrary code under root privileges.

« Previous ( 1 ... 575 576 577 578 579 580 581 582 583 584 585 ... 595 ) Next »