Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 7403 ... 7418 ) Next »
Red Hat alert: New util-linux packages available to fix /bin/login pam problem
New util-linux packages are available that fix a problem with /bin/login's
PAM implementation. This could, in some non-default setups, cause users to
receive credentials of other users. It is recommended that all users
update to the fixed packages.
Red Hat alert: New util-linux packages available to fix /bin/login pam problem
New util-linux packages are available that fix a problem with /bin/login's
PAM implementation. This could, in some non-default setups, cause users to
receive credentials of other users. It is recommended that all users
update to the fixed packages.
Red Hat alert: Updated openssh packages available
Updated openssh packages are now available for Red Hat Linux 7 and 7.1.
These packages fix a vulnerability which may allow unauthorized users to
log in from hosts that have been denied access.
Red Hat alert: New Zope packages are available
New Zope packages are available which fix a security flaw with DTML
scripting.
SuSE alert: lprold
ISS X-Force reported an overflow in BSD's lineprinter daemon shipped with the lprold package in SuSE Linux.
Red Hat alert: New Samba packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1
New Samba packages are available for Red Hat Linux 5.2, 6.2, 7, and 7.1.
These packages fix a security problem with remote clients giving special
NetBIOS names to the server.
It is recommended that all Samba users upgrade to the fixed packages.
Please note that the packages for Red Hat Linux 6.2 require an updated
logrotate package.
UPDATE: The packages for Red Hat Linux 5.2 have been updated. The original
packages detected the availability of syscalls present in kernels newer
than
Red Hat alert: New squid packages available to fix FTP-based DoS
New squid packages are available that fix a potential DoS in Squid's FTP
handling code. It is recommened that squid users update to the fixed
packages.
The packages for Red Hat Linux 6.2 also fix the problem described in
RHSA-2001:097-04; it was later discovered that Red Hat Linux 6.2 is
vulnerable to the same problem in accelerator-only mode.
Red Hat alert: Insecure setserial initscript
The initscript distributed with the setserial package (which is not
installed or enabled by default) uses predictable temporary file names, and
should not be used. setserial-
Red Hat alert: Insecure setserial initscript
The initscript distributed with the setserial package (which is not
installed or enabled by default) uses predictable temporary file names, and
should not be used. setserial-
Debian alert: New UUCP packages fix local exploit
zen-parse has found a problem with Taylor UUCP as distributed with
many GNU/Linux distributions. It was possible to make `uux' execute
`uucp' with malicious commandline arguments which gives an attacker
access to files owned by uid/gid uucp.
Debian alert: slrn command invocation
Byrial Jensen found a nasty problem in slrn (a threaded news reader).
The notice on slrn-announce describes it as follows:
Debian alert: squid FTP PUT problem
Vladimir Ivaschenko found a problem in squid (a popular proxy cache).
He discovered that there was a flaw in the code to handle FTP PUT
commands: when a mkdir-only request was done squid would detect
an internal error and exit. Since squid is configured to restart
itself on problems this is not a big problem.
Red Hat alert: Updated man package fixing GID security problems.
Updated man packages fixing a local GID man exploit and a
potential GID man to root exploit, as well as a problem with the
man paths of Red Hat Linux 5.x and 6.x.
Red Hat alert: Updated man package fixing GID security problems.
Updated man packages fixing a local GID man exploit and a
potential GID man to root exploit, as well as a problem with the
man paths of Red Hat Linux 5.x and 6.x.
SuSE alert: wmaker/WindowMaker
The window manager Window Maker was found vulnerable to a buffer overflow due to improper bounds checking when setting the window title. An attacker can remotely exploit this buffer overflow by using malicious web page titles or terminal escape sequences to set a excessively long window title. This attack can lead to remote command execution with the privileges of the user running Window Maker.
Debian alert: New most packages available
Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds two array variables when viewing a malicious
file. This could lead into other data structures being overwritten
which in turn could enable most to execute arbitrary code being able
to compromise the users environment.
Red Hat alert: New bugzilla packages are available
The updated bugzilla package fixes numerous security issues which were
present in previous releases of bugzilla.
Red Hat alert: New bugzilla packages are available
The updated bugzilla package fixes numerous security issues which were
present in previous releases of bugzilla.
Red Hat alert: New bugzilla packages are available
The updated bugzilla package fixes numerous security issues which were
present in previous releases of bugzilla.
Red Hat alert: New bugzilla packages are available
The updated bugzilla package fixes numerous security issues which were
present in previous releases of bugzilla.
« Previous ( 1 ... 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 7403 ... 7418 ) Next »