Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7392 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 ... 7418 ) Next »
Red Hat alert: New kernel 2.4 packages are available
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
2001-10-22: Kernel updates are now available for Red Hat Linux 7.
Announcing the availability of Red Hat Linux 7.2 (Enigma)
Red Hat, Inc. (NASDAQ:RHAT)
today announced that Red Hat Linux 7.2 and Red Hat Linux Professional are
now available in stores, through computer resellers and direct from Red Hat.
The latest version of the market leading Linux distribution adds significant
new capabilities, both for use as a workstation and use as a server. Red Hat
Linux 7.2 and Red Hat Linux Professional will also be available through
hardware partners in the coming weeks.
Red Hat alert: New squid packages available to fix FTP-based DoS
New squid packages are available that fix a potential DoS in Squid's FTP
handling code. It is recommened that squid users update to the fixed
packages.
The packages for Red Hat Linux 6.2 also fix the problem described in
RHSA-2001:097-04; it was later discovered that Red Hat Linux 6.2 is
vulnerable to the same problem in accelerator-only mode.
2001-10-22: Packages are now available for Red Hat Linux 7.
Red Hat alert: New squid packages available to fix FTP-based DoS
New squid packages are available that fix a potential DoS in Squid's FTP
handling code. It is recommened that squid users update to the fixed
packages.
The packages for Red Hat Linux 6.2 also fix the problem described in
RHSA-2001:097-04; it was later discovered that Red Hat Linux 6.2 is
vulnerable to the same problem in accelerator-only mode.
2001-10-22: Packages are now available for Red Hat Linux 7.
Red Hat alert: New util-linux packages available to fix /bin/login pam problem
New util-linux packages are available that fix a problem with /bin/login's
PAM implementation. This could, in some non-default setups, cause users to
receive credentials of other users. It is recommended that all users
update to the fixed packages.
2001-10-22: Packages are now available for Red Hat Linux 7.
Red Hat alert: Updated openssh packages available
Updated openssh packages are now available for Red Hat Linux 7 and 7.1.
These packages fix a vulnerability which may allow unauthorized users to
log in from hosts that have been denied access.
2001-10-22: Pacakges are now available for Red Hat Linux 7.
Red Hat alert: New util-linux packages available to fix /bin/login pam problem
New util-linux packages are available that fix a problem with /bin/login's
PAM implementation. This could, in some non-default setups, cause users to
receive credentials of other users. It is recommended that all users
update to the fixed packages.
2001-10-22: Packages are now available for Red Hat Linux 7.
Red Hat alert: Updated openssh packages available
Updated openssh packages are now available for Red Hat Linux 7 and 7.1.
These packages fix a vulnerability which may allow unauthorized users to
log in from hosts that have been denied access.
2001-10-22: Pacakges are now available for Red Hat Linux 7.
Debian alert: New nvi packages fix format string vulnerability
Takeshi Uno found a very stupid format string vulnerability in all
versions of nvi (in both, the plain and the multilingualized version).
When a filename is saved, it ought to get displayed on the screen.
The routine handling this didn't escape format strings.
Red Hat alert: Updated diffutils packages available
Updated diffutils packages are now available, fixing a temporary file
handling vulnerability in the sdiff program.
Red Hat alert: New kernel 2.2 packages are available
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
Red Hat alert: New kernel 2.4 packages are available
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
Red Hat alert: New kernel 2.4 packages are available
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
Red Hat alert: New kernel 2.4 packages are available
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
Debian alert: New gftp packages won't display the password
Stephane Gaudreault told us that version 2.0.6a of gftp displays the
password in plain text on the screen within the log window when it is
logging into an ftp server. A malicious collegue who is watching the
screen could gain access to the users shell on the remote machine.
Debian alert: No w3m packages for powerpc available
In SNS Advisory No. 32 a buffer overflow vulnerability has been
reported in the routine which parses MIME headers that are returned
from web servers. A malicious web server administrator could exploit
this and let the client web browser execute arbitrary code.
Debian alert: New procmail packages fix insecure signal handling
Using older versions of procmail it was possible to make procmail
crash by sending it signals. On systems where procmail is installed
setuid this could be exploited to obtain unauthorized privileges.
Debian alert: News Xvt packages fix buffer overflow
Christophe Bailleux reported on bugtraq that Xvt is vulnerable to a
buffer overflow in its argument handling. Since Xvt is installed
setuid root, it was possible for a normal user to pass
carefully-crafted arguments to xvt so that xvt executed a root shell.
Debian alert: New w3m packages fix buffer overflow
In SNS Advisory No. 32 a buffer overflow vulnerability has been
reported in the routine which parses MIME headers that are returned
from web servers. A malicious web server administrator could exploit
this and let the client web browser execute arbitrary code.
Debian alert: New ht://Dig packages fix vulnerability
Nergal reported a vulnerability in the htsearch program which is
distributed as part of the ht://Dig package, a indexing and searching
system for small domains or intranets. Using former versions it was
able to pass the parameter `-c' to the cgi program in order to use a
different configuration file.
« Previous ( 1 ... 7392 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 ... 7418 ) Next »