Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7374 7375 7376 7377 7378 7379 7380 7381 7382 7383 7384 ... 7440 ) Next »

Slackware alert: REVISED quotacheck security fix in rc.M (SSA:2003-141-06a)

NOTE: The original advisory quotes a section of the Slackware ChangeLog which had inadvertently reversed the options to quotacheck. The correct option to use is 'm'. A corrected advisory follows:

Slackware alert: quotacheck security fix in rc.M (SSA:2003-141-06)

An upgraded sysvinit package is available which fixes a problem with the use of quotacheck in /etc/rc.d/rc.M. The original version of rc.M calls quotacheck like this:

Slackware alert: mod_ssl RSA blinding fixes (SSA:2003-141-05)

An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available. This version provides RSA blinding by default which prevents an extended timing analysis from revealing details of the secret key to an attacker. Note that this problem was already fixed within OpenSSL, so this is a "double fix". With this package, mod_ssl is secured even if OpenSSL is not.

Slackware alert: GnuPG key validation fix (SSA:2003-141-04)

A key validation bug which results in all user IDs on a given key being treated with the validity of the most-valid user ID on that key has been fixed with the release of GnuPG 1.2.2.

Slackware alert: glibc XDR overflow fix (SSA:2003-141-03)

An integer overflow in the xdrmem_getbytes() function found in the glibc library has been fixed. This could allow a remote attacker to execute arbitrary code by exploiting RPC service that use xdrmem_getbytes(). None of the default RPC services provided by Slackware appear to use this function, but third-party applications may make use of it.

Slackware alert: BitchX security fixes (SSA:2003-141-02)

New BitchX packages are available to fix security problems found by Timo Sirainen. BitchX is an IRC (Internet Relay Chat) client. Under certain circumstances, a malicious IRC server could cause BitchX to crash, or possibly to run arbitrary code as the user running BitchX.

Slackware alert: EPIC4 security fixes (SSA:2003-141-01)

New EPIC4 packages are available to fix security problems found by Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client. Under certain circumstances, a malicious IRC server could cause EPIC4 to crash, or possibly to run arbitrary code as the user running EPIC4.

Mandrake alert: Updated LPRng packages fix insecure temporary file vulnerability

Karol Lewandowski discovered a problem with psbanner, a printer filter that creates a PostScript format banner. psbanner creates a temporary file for debugging purposes when it is configured as a filter, and does not check whether or not this file already exists or is a symlink. The filter will overwrite this file, or the file it is pointing to (if it is a symlink) with its current environment and called arguments with the user id that LPRng is running as.

Mandrake alert: Updated lpr packages fix local root vulnerability

A buffer overflow was discovered in the lpr printer spooling system that can be exploited by a local user to gain root privileges. This can be done even if the printer is configured properly.

Mandrake alert: Updated cdrecord packages fix local root compromise

A vulnerability in cdrecord was discovered that can be used to obtain root access because Mandrake Linux ships with the cdrecord binary suid root and sgid cdwriter.

Red Hat alert: Updated gnupg packages fix validation bug

  • Mailing list (Posted by dave on May 20, 2003 7:46 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated gnupg packages correcting a bug in the GnuPG key validation functions are now available.

Debian alert: New BitchX packages fix DoS and arbitrary code execution

  • Mailing list (Posted by dave on May 19, 2003 4:38 AM EDT)
  • Story Type: Security; Groups: Debian
Timo Sirainen discovered several problems in BitchX, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer boundaries or allocate a negative amount of memory. This could lead to a denial of service if the client only crashes, but may also lead to executing of arbitrary code under the user id of the chatting user.

Red Hat alert: Updated lv packages fix vulnerability

  • Mailing list (Posted by dave on May 16, 2003 2:14 AM EDT)
  • Story Type: Security; Groups: Red Hat
New lv packages that fix the possibility of local root exploit are now available.

Debian alert: New sendmail packages fix insecure temporary file creation

  • Mailing list (Posted by dave on May 15, 2003 4:21 PM EDT)
  • Story Type: Security; Groups: Debian
Paul Szabo discovered bugs in three scripts included in the sendmail package where temporary files were created insecurely (expn, checksendmail and doublebounce.pl). These bugs could allow an attacker to gain the privileges of a user invoking the script (including root).

Debian alert: New mysql packages fix multiple vulnerabilities

  • Mailing list (Posted by dave on May 15, 2003 4:13 PM EDT)
  • Story Type: Security; Groups: Debian
CAN-2003-0073: The mysql package contains a bug whereby dynamically allocated memory is freed more than once, which could be deliberately triggered by an attacker to cause a crash, resulting in a denial of service condition. In order to exploit this vulnerability, a valid username and password combination for access to the MySQL server is required.

Debian alert: New lv packages fix local privilege escalation

  • Mailing list (Posted by dave on May 15, 2003 4:02 PM EDT)
  • Story Type: Security; Groups: Debian
Leonard Stiles discovered that lv, a multilingual file viewer, would read options from a configuration file in the current directory. Because such a file could be placed there by a malicious user, and lv configuration options can be used to execute commands, this represented a security vulnerability. An attacker could gain the privileges of the user invoking lv, including root.

Mandrake alert: Updated cdrecord packages fix local root compromise

A vulnerability in cdrecord was discovered that can be used to obtain root access because Mandrake Linux ships with the cdrecord binary suid root and sgid cdwriter.

Red Hat alert: Updated tcpdump packages fix privilege dropping error

  • Mailing list (Posted by dave on May 15, 2003 12:03 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated tcpdump packages that correctly drop privileges on startup are now available.

Mandrake alert: Updated MySQL packages fix vulnerability

In MySQL 3.23.55 and earlier, MySQL would create world-writeable files and allow mysql users to gain root privileges by using the "SELECT * INTO OUTFILE" operator to overwrite a configuration file, which could cause mysql to run as root upon restarting the daemon.

Mandrake alert: Updated xinetd packages fix DoS vulnerability

A vulnerability was discovered in xinetd where memory was allocated and never freed if a connection was refused for any reason. Because of this bug, an attacker could crash the xinetd server, making unavailable all of the services it controls. Other flaws were also discovered that could cause incorrect operation in certain strange configurations.

« Previous ( 1 ... 7374 7375 7376 7377 7378 7379 7380 7381 7382 7383 7384 ... 7440 ) Next »