Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7340 7341 7342 7343 7344 7345 7346 7347 7348 7349 7350 ... 7440 ) Next »
Linux Advisory Watch - January 16, 2004
This week, advisories were released for phpgroupware, kernel, jitterbug, ethereal, kdepim, cvs, kdepim, and tcpdump. The distributors include Debian, Gentoo, Mandrake, Red Hat, Slackware, SuSE, and Trustix.
Red Hat warns of problem in Apache
By Michael S. Mimoso, Senior News Editor. Red Hat Inc. on Wednesday issued four security alerts that include fixes for problems in
SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
Tcpdump is a well known tool for administrators to analyze network
traffic.
There is a bug in the tcpdump code responsible for handling ISAKMP
messages. This bug allows remote attackers to destroy a current
tcpdump session by tricking the tcpdump program with evil ISAKMP
messages to enter an endless loop.
SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:003)
The do_mremap() function of the Linux Kernel is used to manage
(move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect
bounds check in do_mremap() during the remapping of memory it is
possible to create a VMA with the size of 0.
In normal operation do_mremap() leaves a memory hole of one page and
creates an additional VMA of two pages. In case of exploitation no
hole is created but the new VMA has a 0 bytes length.
The Linux Kernel's memory management is corrupted from this point
and can be abused by local users to gain root privileges.
Additionally Andi Kleen of SUSE LINUX found and fixed another bug
in the 32bit emulation of ptrace() which allows to modify CPU registers
from user-space to get full access to system ressources.
The Wrath of Linux
Fools recall that for the past few months, SCO (the software maker formerly known as Caldera) has been shaking down Linux providers, even taking a $3 billion
Ants Data Server Successfully Ported to Linux Operating System
OTCBB:ANTS), a developer of high-performance SQL database management systems, announced today that it has successfully ported the ANTs Data Server to the Linux
Almost by stealth, the Linux desktop is here
COMMENTARY--One of my dirty little secrets is that I have never successfully installed Linux on anything. I've tried many times Server to the Linux
Red Hat alert: Updated Net-SNMP packages fix security and other bugs
Updated Net-SNMP packages are available to correct a security vulnerability
and other bugs.
Writing a Template System in PHP
There are several templating systems available; some are native to PHP while others have been ported to PHP from other programming languages.
Trustix update: samba
libnss_wins was not being built. It is now.
Trustix update: kernel
Minor cleanup of the kernel source package. No other kernel package
is affected.
Trustix alert: tcpdump
A problem in tcpdump was discovered, where it was possible to crash the
program by sending carefully crafted packets on the network.
SCO Announces Worldwide Availability of SCO Intellectual Property ...
SCO announced it has begun making the SCO Intellectual Property License available to companies and organizations worldwide including small-to-medium size businesses and large corporations.
Saudi open source conference opens minds
Two easily-identified Microsoft trolls were also in the main auditorium audience, asking the same questions Microsoft hirelings ask at open source conferences
Open source developers: protect yourself or face the music
In the wake of the ongoing SCO lawsuit, open source developers must take steps to ensure they don't become the victims of further legal action.
Mandrake alert: Updated kdepim packages fix vulnerability
This vulnerability allows for a
carefully crafted .VCF file to potentially enable a local attacker to
compromise the privacy of a victim's data or execute arbitrary commands
with the victim's privileges. This can also be used by remote
attackers if the victim enables previews for remote files; however this
is disabled by default.
Mandrake alert: Updated krozat package fix memory leak
The krozat screensaver in Mandrake Linux 9.1 and 9.2 had a memory leak. The updated packages correct the problem.
Mandrake alert: Updated kdegames package fix crash with kwin4
The kwin4 application would crash on startup. The updated packages
fix this problem.
Mandrake alert: Updated qt3 package fix problems with accelerator keys
A problem with qt3 would cause improper behaviour of using accelerator
keys in KDE applications such as Konqueror, KMail, and others. Using
these keys would either crash the program or simply not work. The
updated packages fix this problem.
Red Hat alert: Updated tcpdump packages fix various vulnerabilities
Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in
ISAKMP and RADIUS parsing.
« Previous ( 1 ... 7340 7341 7342 7343 7344 7345 7346 7347 7348 7349 7350 ... 7440 ) Next »