Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7362 7363 7364 7365 7366 7367 7368 7369 7370 7371 7372 ... 7384 ) Next »
Red Hat alert: Updated xinetd package available for Red Hat Linux 7 and 7.1
A vulnerability has been found in xinetd's string handling.
SuSE alert: scotty
Tkined's Scotty is a Tcl extension to build network management applications. Ntping, a ping/traceroute program, is part of the Scotty package. It's failure is to read a hostname as commandline option without checking the size. This leads to a bufferoverrun, that could be used to gain root privileges, because ntping is installed setuid root and is executeable by everyone.
SuSE alert: xinetd
Zen-parse has reported a bug to Bugtraq which allows remote attackers to overflow a buffer in the logging routine of xinetd. During investigation we found that more problems exist within xinetd. Xinetd provides its own string-handling (snprintf()-like functions) routines and fails to handle length arguments of 0 properly. Instead of an immediate return it assumes 'no limit' for writing characters to the target-buffer. This can lead to overflows and arbitrary remote code-execution. Additionally xinetd now sets the correct umask before starting other deamons. Please update the packages immediately, kill the old deamon and start the new xinetd deamon with the
SuSE alert: samba
Michal Zalewski discovered that a remote attacker can write to files owned by root if the samba config file /etc/smb.conf contains the %m macro to specify the logfile for logging access to the samba server. The %m macro substitutes the NetBIOS name - improper validation of this name allows an attacker to write to any file in the system.
Red Hat alert: New Samba packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1
New Samba packages are available for Red Hat Linux 5.2, 6.2, 7 and 7.1.
These packages fix a security problem with remote clients giving special
NetBIOS names to the server.
It is recommended that all Samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
Debian alert: samba remote file append/creation problem
Michal Zalewski discovered that samba does not properly validate
NetBIOS names from remote machines.
Red Hat alert: New updated XFree86 packages available
New updated XFree86 3.3.6 packages are available for Red Hat Linux 7.1,
7.0, and 6.2 which contain many security updates, bug fixes, and updated
drivers for various different families of video hardware including:
S3 Savage, S3 Trio64, S3 ViRGE, Intel i810/i815, ATI Rage Mobility Mach64,
and numerous other driver fixes and improvements.
Red Hat alert: Kernel: FTP iptables vulnerability in 2.4 kernel and general bug fixes
A security hole has been found that does not affect the default
configuration of Red Hat Linux, but it can affect some custom
configurations of Red Hat Linux 7.1. The bug is specific
to the Linux
Debian alert: two xinetd problems
zen-parse reported on bugtraq that there is a possible buffer overflow
in the logging code from xinetd. This could be triggered by using a
fake identd that returns special replies when xinetd does an ident
request.
Debian alert: rxvt buffer overflow
Samuel Dralet reported on bugtraq that version 2.6.2 of rxvt (a
VT102 terminal emulator for X) have a buffer overflow in the
tt_printf() function. A local user could abuse this making rxvt
print a special string using that function, for example by using
the -T or -name command-line options. That string would cause a
stack overflow and contain code which rxvt will execute.
Debian alert: multiple gnupg problems
The version of GnuPG (GNU Privacy Guard, an OpenPGP implementation)
as distributed in Debian GNU/Linux 2.2 suffers from two problems:
Debian alert: fetchmail buffer overflow
Wolfram Kleff found a problem in fetchmail: it would crash when
processing emails with extremely long headers. The problem was
a buffer overflow in the header parser which could be exploited.
Red Hat alert: LPRng fails to drop supplemental group membership
When LPRng drops uid and gid, it fails to drop membership in its
supplemental groups.
Debian alert: man-db symlink attack
Luki R. reported a bug in man-db: it did handle nested calls of
drop_effective_privs() and regain_effective_privs() correctly which
would cause it to regain privileges to early. This could be abused
to make man create files as user man.
Debian alert: exim printf format attack
Megyer Laszlo found a printf format bug in the exim mail transfer
agent. The code that checks the header syntax of an email logs
an error without protecting itself against printf format attacks.
Red Hat alert: Updated GnuPG packages available
Updated GnuPG packages are now available for Red Hat Linux 6.2, 7, and 7.1.
These updates include fixes for the recently-discovered format string
vulnerability.
Red Hat alert: Updated ispell packages available for Red Hat Linux 5.2 and 6.2
The ispell program uses mktemp() to open temporary files - this makes it
vulnerable to symlink attacks.
Red Hat alert: Updated xinetd package available for Red Hat Linux 7 and 7.1
Xinetd runs with umask 0 - this means that applications using the xinetd
umask and not setting the permissions themselves (like swat from the samba
package), will create world writable files.
Red Hat alert: Updated ispell packages available for Red Hat Linux 5.2 and 6.2
The ispell program uses mktemp() to open temporary files - this makes it
vulnerable to symlink attacks.
SuSE alert: gpg/GnuPG
GnuPG (the SuSE package is named "gpg") is a powerful encryption and signing program with a widespread usership in the free software world. It is designed to be a replacement for PGP and conforms to the OpenPGP standard.
« Previous ( 1 ... 7362 7363 7364 7365 7366 7367 7368 7369 7370 7371 7372 ... 7384 ) Next »