Showing headlines posted by dave

« Previous ( 1 ... 576 577 578 579 580 581 582 583 584 585 586 ... 595 ) Next »

Debian alert: New Netscape packages available

  • Mailing list (Posted by dave on Apr 23, 2001 2:05 AM EDT)
  • Story Type: Security; Groups: Debian
Florian Wesch has discovered a problem (reported to bugtraq) with the way how Netscape handles comments in GIF files. The Netscape browser does not escape the GIF file comment in the image information page. This allows javascript execution in the "about:" protocol and can for example be used to upload the History (about:global) to a webserver, thus leaking private information. This problem has been fixed upstream in Netscape 4.77. Since we haven't received sourcecode for these packages they are not part of the Debian GNU/Linux distribution but are packaged up as `.deb' files for a convenient installation.

Red Hat alert: Updated mgetty packages available

  • Mailing list (Posted by dave on Apr 20, 2001 10:04 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated mgetty packages are now available for Red Hat Linux 6.2 and 7.x. These packages fix packaging errors present in previous versions.

SuSE alert: hylafax

  • Mailing list (Posted by dave on Apr 20, 2001 1:34 AM EDT)
  • Story Type: Security; Groups: SUSE
The HylaFax program hfaxd(8c) implements the server part of the HylaFax package. It is started either by inetd(8) or runs in standalone mode. hfaxd(8c) offers three different protocols to process fax jobs. When hfaxd(8c) tries to change to it's queue directory and fails, it prints an error message via syslog by directly passing user supplied data as format string. As long as hfaxd(8c) is installed setuid root, this behavior could be exploited to gain root access locally.

Debian alert: New version sendfile fix local root exploit

  • Mailing list (Posted by dave on Apr 19, 2001 2:36 PM EDT)
  • Story Type: Security; Groups: Debian
Colin Phipps and Daniel Kobras discovered and fixed several serious bugs in the saft daemon `sendfiled' which caused it to drop privileges incorrectly. Exploiting this a local user can easily make it execute arbitrary code under root privileges.

Red Hat alert: FTP iptables vulnerability in 2.4 kernel

  • Mailing list (Posted by dave on Apr 19, 2001 12:00 PM EDT)
  • Story Type: Security; Groups: Red Hat
A security hole has been found that does not affect the default configuration of Red Hat Linux, but can affect some custom configurations of Red Hat Linux 7.1 only. The bug is specific to the Linux

SuSE alert: nedit

  • Mailing list (Posted by dave on Apr 19, 2001 1:32 AM EDT)
  • Story Type: Security; Groups: SUSE
The Nirvana Editor, NEdit, is a GUI-style text editor based on popular Macintosh and MS Windows editors. When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.

SuSE alert: sudo

  • Mailing list (Posted by dave on Apr 19, 2001 1:31 AM EDT)
  • Story Type: Security; Groups: SUSE
The setuid application sudo(8) allows a user to execute commands under the privileges of another user (including root). sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.

Debian alert: exuberant-ctags for sparc was incorrectly built

  • Mailing list (Posted by dave on Apr 19, 2001 12:48 AM EDT)
  • Story Type: Security; Groups: Debian
The updated exuberant-ctags that was mentioned in DSA-046-1 was unfortunately compiled incorrectly: the stable chroot we used turned out to be running unstable instead.

Debian alert: samba for sparc was incorrectly built

  • Mailing list (Posted by dave on Apr 19, 2001 12:48 AM EDT)
  • Story Type: Security; Groups: Debian
The updated samba packages that were mentioned in DSA-048-1 were unfortunately compiled incorrectly: the stable chroot we used turned out to be running unstable instead.

Debian alert: remote cfingerd exploit

  • Mailing list (Posted by dave on Apr 18, 2001 5:02 PM EDT)
  • Story Type: Security; Groups: Debian
Megyer Laszlo report on Bugtraq that the cfingerd Debian as distributed with Debian GNU/Linux 2.2 was not careful in its logging code. By combining this with an off-by-one error in the code that copied the username from an ident response cfingerd could exploited by a remote user. Since cfingerd does not drop its root privileges until after it has determined which user to finger an attacker can gain root privileges.

Debian alert: samba symlink attacks

  • Mailing list (Posted by dave on Apr 17, 2001 4:14 PM EDT)
  • Story Type: Security; Groups: Debian
Marcus Meissner discovered that samba was not creating temporary files safely in two places:

Announcing availability of Red Hat Linux 7.1 (Seawolf)

2001-- Red Hat, Inc. (Nasdaq:RHAT - news), the leader in developing, deploying and managing open source solutions, announced today the availability of Red Hat Linux 7.1, the latest version of the world's most popular open source server operating environment. Red Hat Linux 7.1 includes the new 2.4 kernel with improved SMP support for superior performance on Intel multi-processor platforms. Red Hat Linux 7.1 also delivers new configuration tools that enable users to effortlessly set up and administer DNS, Web and print servers. This release features Red Hat Network connectivity, including software manager.

Red Hat alert: Linux kernel 2.2.19 now available, provides security fixes, enhancements

  • Mailing list (Posted by dave on Apr 16, 2001 11:29 AM EDT)
  • Story Type: Security; Groups: Red Hat
A local denial of service attack and root compromise of the kernel have been corrected, drivers have been updated, and NFS version 3 has been integrated.

Red Hat alert: New netscape packages available (Red Hat Linux 7.1 added)

  • Mailing list (Posted by dave on Apr 16, 2001 10:27 AM EDT)
  • Story Type: Security; Groups: Red Hat
New netscape packages are availabe to fix a problem with the handling of JavaScript in certain situations. By exploiting this flaw, a remote site could gain access to the browser history, and possibly other data. It is recommended that all users upgrade to the fixed packages. 2001-04-16: netscape-4.77-1 packages are now available for Red Hat Linux 7.1 for Intel.

Debian alert: multiple kernel problems

  • Mailing list (Posted by dave on Apr 15, 2001 4:08 PM EDT)
  • Story Type: Security; Groups: Debian
The kernels used in Debian GNU/Linux 2.2 have been found to have multiple security problems. This is a list of problems based on the 2.2.19 release notes as found on http://www.linux.org.uk/ :

Debian alert: exuberant-ctags uses insecure temporary files

  • Mailing list (Posted by dave on Apr 15, 2001 4:23 AM EDT)
  • Story Type: Security; Groups: Debian
Colin Phipps discovered that the exuberant-ctags packages as distributed with Debian GNU/Linux 2.2 creates temporary files insecurely. This has been fixed in version 1:3.2.4-0.1 of the Debian package, and upstream version 3.5.

Red Hat alert: New netscape packages available

  • Mailing list (Posted by dave on Apr 10, 2001 6:32 PM EDT)
  • Story Type: Security; Groups: Red Hat
New netscape packages are availabe to fix a problem with the handling of JavaScript in certain situations. By exploiting this flaw, a remote site could gain access to the browser history, and possibly other data. It is recommended that all users upgrade to the fixed packages.

Red Hat alert: Updated pine packages available

  • Mailing list (Posted by dave on Apr 10, 2001 2:31 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated pine packages are now available for Red Hat Linux 7.0, 6.2, and 5.

SuSE alert: vim/gvim

  • Mailing list (Posted by dave on Apr 10, 2001 5:48 AM EDT)
  • Story Type: Security; Groups: SUSE
The text editor vim, Vi IMproved, was found vulnerable to two security bugs. 1.) a tmp race condition 2.) vim commands in regular files will be executed if the status line of vim is enabled in vimrc Both vulnerabilities could be used to gain unauthorized access to more privileges.

SuSE alert: mc

  • Mailing list (Posted by dave on Apr 10, 2001 5:46 AM EDT)
  • Story Type: Security; Groups: SUSE
The Midnight Commander, mc(1), is a ncurses-based file manager. A local attacker could trick mc(1) into executing commands with the privileges of the user running mc(1) by creating malicious directory names. This attack leads to local privilege escalation.

« Previous ( 1 ... 576 577 578 579 580 581 582 583 584 585 586 ... 595 ) Next »