Showing all newswire headlines

imagemagick's libmagick library, under certain circumstances, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of another user who is invoking a program using this library.

A vulnerability was found in versions of ypserv prior to version 2.7. If a malicious client were to query ypserv via TCP and subsequently ignore the server's response, ypserv will block attempting to send the reply. The result is that ypserv will fail to respond to other client requests. ypserv 2.7 and above have been altered to fork a child for each client request, which prevents any one request from causing the server to block.

Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An attacker could place malicious external hyperlinks in a document that, if followed, could execute arbitary shell commands with the privileges of the person viewing the PDF document.

Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Linux 7.1 and 7.

XFree86 is an implementation of the X Window System providing the core graphical user interface and video drivers. Updated XFree86 packages for Red Hat Linux 7.3 are now available which include several security fixes, bug fixes, enhancements, and driver updates.

Updated XFree86 packages for Red Hat Linux 8.0 are now available which include several security fixes, bug fixes, enhancements, and driver updates.

Updated ypserv packages fixing a denial of service vulnerability are now available.

tcptraceroute is a setuid-root program which drops root privileges after obtaining a file descriptor used for raw packet capture. However, it did not fully relinquish all privileges, and in the event of an exploitable vulnerability, root privileges could be regained.

A number of string handling bugs were found in the packet dissectors in ethereal that can be exploited using specially crafted packets to cause ethereal to consume excessive amounts of memory, crash, or even execute arbitray code.

Updated Netscape 4.8 packages fixing various bugs and vulnerabilities are now available.

Steve Kemp discovered that osh, a shell intended to restrict the actions of the user, contains two buffer overflows, in processing environment variables and file redirections. These vulnerabilities could be used to execute arbitrary code, overriding any restrictions placed on the shell.

webfs, a lightweight HTTP server for static content, contains a buffer overflow whereby a long Request-URI in an HTTP request could cause arbitrary code to be executed.

Steve Kemp discovered several buffer overflows in xbl, a game, which can be triggered by long command line arguments. This vulnerability could be exploited by a local attacker to gain gid 'games'.

Orville Write, a replacement for the standard write(1) command, contains a number of buffer overflows. These could be exploited to gain either gid tty or root privileges, depending on the configuration selected when the package is installed.

eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav.

Updated Xpdf packages are available that fix a vulnerability where a malicious PDF document could run arbitrary code.

Precompiled Linux 2.4.21 kernels and source packages are now available for Slackware 9.0 and -current. These provide an improved version of the ptrace fix that had been applied to 2.4.20 in Slackware 9.0 (for example, command line options now appear correctly when root does 'ps ax'), and fix a potential denial of service problem with netfilter.

Several of the packet dissectors in ethereal contain string handling bugs which could be exploited using a maliciously crafted packet to cause ethereal to consume excessive amounts of memory, crash, or execute arbitrary code.

The jnethack package is vulnerable to a buffer overflow exploited via a long '-s' command line option. This vulnerability could be used by an attacker to gain gid 'games' on a system where jnethack is installed.

A Denial Of Service (DoS) vulnerability was discovered in BitchX that would allow a remote attacker to crash BitchX by changing certain channel modes. This vulnerability has been fixed in CVS and patched in the released updates.