Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7391 7392 7393 7394 7395 7396 7397 7398 7399 7400 7401 ... 7439 ) Next »

Debian alert: New IM packages fix insecure temporary file creation

  • Mailing list (Posted by dave on Dec 3, 2002 5:53 AM EDT)
  • Story Type: Security; Groups: Debian
Tatsuya Kinoshita discovered that IM, which contains interface commands and Perl libraries for E-mail and NetNews, creates temporary files insecurely.

Mandrake alert: Updated WindowMaker packages fix buffer overflow vulnerability

Al Viro discovered a vulnerability in the WindowMaker window manager. A function used to load images, for example when configuring a new background image or previewing themes, contains a buffer overflow. The function calculates the amount of memory necessary to load the image by doing some multiplication but does not check the results of this multiplication, which may not fit into the destination variable, resulting in a buffer overflow when the image is loaded.

Mandrake alert: Updated pine packages fix buffer overflow vulnerability

A vulnerability was discovered in pine while parsing and escaping characters of email addresses; not enough memory is allocated for storing the escaped mailbox part of the address. The resulting buffer overflow on the heap makes pine crash. This new version of pine, 4.50, has the vulnerability fixed. It also offers many other bug fixes and new features.

Red Hat alert: Updated xinetd packages fix denial of service vulnerability

  • Mailing list (Posted by dave on Dec 2, 2002 11:38 AM EDT)
  • Story Type: Security; Groups: Red Hat
Xinetd contains a denial-of-service (DoS) vulnerability. UPDATE 2002-12-02: Updated packages are available to fix issues encountered with the previous errata packages.

Debian alert: New Free/SWan packages fix denial of service

  • Mailing list (Posted by dave on Dec 2, 2002 6:22 AM EDT)
  • Story Type: Security; Groups: Debian
Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets. IPSEC is a set of security extensions to IP which provide authentication and encryption. Free/SWan in Debain is affected by this and is said to cause a kernel panic.

Mandrake alert: Updated sendmail packages fix smrsh insecurities

A vulnerability was discovered by zen-parse and Pedram Amini in the sendmail MTA. They found two ways to exploit smrsh, an application intended as a replacement for the sh shell for use with sendmail; the first by inserting specially formatted commands in the ~/.forward file and secondly by calling smrsh directly with special options. These can be exploited to give users with no shell account, or those not permitted to execute certain programs or commands, the ability to bypass these restrictions.

Mandrake alert: Updated python packages fix local arbitrary code execution vulnerability

A vulnerability was discovered in python by Zack Weinberg in the way that the execvpe() method from the os.py module uses a temporary file name. The file is created in an unsafe manner and execvpe() tries to execute it, which can be used by a local attacker to execute arbitrary code with the privilege of the user running the python code that is using this method.

Mandrake alert: Updated samba packages fix potential root compromise

A vulnerability in samba versions 2.2.2 through 2.2.6 was discovered by the Debian samba maintainers. A bug in the length checking for encrypted password change requests from clients could be exploited using a buffer overrun attack on the smbd stack. This attack would have to crafted in such a way that converting a DOS codepage string to little endian UCS2 unicode would translate into an executable block of code.

Red Hat alert: New kernel 2.2 packages fix local denial of service issue

  • Mailing list (Posted by dave on Nov 25, 2002 8:43 AM EDT)
  • Story Type: Security; Groups: Red Hat
The kernel in Red Hat Linux 6.2 and 7 is vulnerable to a local denial of service attack.

SuSE alert: pine

  • Mailing list (Posted by dave on Nov 25, 2002 1:52 AM EDT)
  • Story Type: Security; Groups: SUSE
Pine, Program for Internet News and Email, is a well known and widely used eMail client. While parsing and escaping characters of eMail addresses pine does not allocate enough memory for storing the escaped mailbox part of an address. This results in a buffer overflow on the heap that will make pine crash. The offending eMail can just be deleted manually or by using another mail user agent.

Debian alert: Samba buffer overflow

  • Mailing list (Posted by dave on Nov 22, 2002 11:21 AM EDT)
  • Story Type: Security; Groups: Debian
Steve Langasek found an exploitable bug in the password handling code in samba: when converting from DOS code-page to little endian UCS2 unicode a buffer length was not checked and a buffer could be overflowed. There is no known exploit for this, but an upgrade is strongly recommended.

Red Hat alert: New samba packages available to fix potential security vulnerability

  • Mailing list (Posted by dave on Nov 22, 2002 8:33 AM EDT)
  • Story Type: Security; Groups: Red Hat
New samba packages are available that fix a security vulnerability present in samba versions

Debian alert: New security.debian.org server after fire in Twente

  • Mailing list (Posted by dave on Nov 21, 2002 11:44 PM EDT)
  • Story Type: Security; Groups: Debian
Around 08:00 CET on November 20th, the University of Twente Network Operations Center (NOC) caught fire. The building has burnt to the ground. The fire department has given up every hope on protecting the server area. Among other things the NOC hosted satie.debian.org which contained the security archive for the Debian distribution.

Mandrake alert: Updated kdenetwork packages fix remote command execution vulnerabilites

The SuSE security team discovered two vulnerabilities in the KDE lanbrowsing service during an audit. The LISa network daemon and "reslisa", a restricted version of LISa are used to identify servers on the local network by using the URL type "lan://" and "rlan://" respectively. A buffer overflow was discovered in the lisa daemon that can be exploited by an attacker on the local network to obtain root privilege on a machine running the lisa daemon. Another buffer overflow was found in the lan:// URL handler, which can be exploited by a remote attacker to gain access to the victim user's account.

Mandrake alert: Updated kdelibs packages fix remote command execution vulnerabilites

Vulnerabilities were discovered in the KIO subsystem support for various network protocols. The implementation of the rlogin protocol affects all KDE versions from 2.1 up to 3.0.4, while the flawed implementation of the telnet protocol only affects KDE 2.x. They allow a carefully crafted URL in an HTML page, HTML email, or other KIO-enabled application to execute arbitrary commands as the victim with their privilege.

SuSE alert: samba

  • Mailing list (Posted by dave on Nov 20, 2002 8:03 AM EDT)
  • Story Type: Security; Groups: SUSE
Samba developer Steve Langasek found a security problem in samba, the widely known free implementation of the SMB protocol.

Debian alert: New mhonarc packages fix cross site scripting

  • Mailing list (Posted by dave on Nov 19, 2002 6:15 AM EDT)
  • Story Type: Security; Groups: Debian
Steven Christey discovered a cross site scripting vulnerability in mhonarc, a mail to HTML converter. Carefully crafted message headers can introduce cross site scripting when mhonarc is configured to display all headers lines on the web. However, it is often useful to restrict the displayed header lines to To, From and Subject, in which case the vulnerability cannot be exploited.

Debian alert: New nullmailer packages fix local denial of service

  • Mailing list (Posted by dave on Nov 18, 2002 6:24 AM EDT)
  • Story Type: Security; Groups: Debian
A problem has been discovered in nullmailer, a simple relay-only mail transport agent for hosts that relay mail to a fixed set of smart relays. When a mail is to be delivered locally to a user that doesn't exist, nullmailer tries to deliver it, discovers a user unknown error and stops delivering. Unfortunately, it stops delivering entirely, not only this mail. Hence, it's very easy to craft a denial of service.

Red Hat alert: New kernel fixes local denial of service issue

  • Mailing list (Posted by dave on Nov 16, 2002 2:07 AM EDT)
  • Story Type: Security; Groups: Red Hat
The kernel in Red Hat Linux 7.1, 7.1K, 7.2, 7.3, and 8.0 are vulnerable to a local denial of service attack. Updated packages are available which address this vulnerability, as well as bugs in several drivers.

Debian alert: New sqwebmail packages fix local information exposure

  • Mailing list (Posted by dave on Nov 15, 2002 6:36 AM EDT)
  • Story Type: Security; Groups: Debian
A problem in the Courier sqwebmail package, a CGI program to grant authenticated access to local mailboxes, has been discovered. The program did not drop permissions fast enough upon startup under certain circumstances so a local shell user can execute the sqwebmail binary and manage to read an arbitrary file on the local filesystem.

« Previous ( 1 ... 7391 7392 7393 7394 7395 7396 7397 7398 7399 7400 7401 ... 7439 ) Next »