Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 7403 ... 7439 ) Next »
SuSE alert: perl-MailTools
The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer which allows commands to be embedded in the mail body. Vulnerable to this attack are custom auto reply programs or spam filters which use Mail::Mailer directly or indirectly.
Debian alert: New Apache packages fix several vulnerabilities
According to David Wagner, iDEFENSE and the Apache HTTP Server
Project, several remotely exploitable vulnerabilities have been found
in the Apache package, a commonly used webserver. These
vulnerabilities could allow an attacker to enact a denial of service
against a server or execute a cross scripting attack. The Common
Vulnerabilities and Exposures (CVE) project identified the following
vulnerabilities:
Debian alert: New log2mail packages fix several vulnerabilities
Enrico Zini discovered a buffer overflow in log2mail, a daemon for
watching logfiles and sending lines with matching patterns via mail.
The log2mail daemon is started upon system boot and runs as root. A
specially crafted (remote) log message could overflow a static buffer,
potentially leaving log2mail to execute arbitrary code as root.
Mandrake alert: mozilla update
Numerous security fixes are available in Mozilla 1.0.1. For a detailed list, refer to the "Recently fixed security issues" page on the Mozilla website (see the first reference). All users are encouraged to upgrade to this latest stable 1.0.x release of Mozilla.
Debian alert: New heimdal packages fix buffer overflows
A stack buffer overflow in the kadm_ser_wrap_in function in the
Kerberos v4 administration server was discovered, which is provided by
Heimdal as well. A working exploit for this kadmind bug is already
circulating, hence it is considered serious. The roken library also
contains a vulnerability which could lead to another root exploit.
SuSE alert: lprng/html2ps
The lprng package contains the "runlpr" program which allows the lp user to execute the lpr program as root. Local attackers can pass certain commandline arguments to lpr running as root, fooling it to execute arbitrary commands as root. This has been fixed. Note that this vulnerability can only be exploited if the attacker has previously gained access to the lp account.
SuSE alert: syslog-ng
The syslog-ng package is a portable syslog implementation which can be used as syslogd replacement. Syslog-ng contained buffer overflows in its macro expansion routines. These overflows could be triggered by remote attackers if certain configuration options were enabled. Syslog-ng is not used by default on SuSE Linux, and even if installed, the problematic options are not enabled by default. We recommend an update of the syslog-ng package nevertheless if you use syslog-ng for logging. To be sure the update takes effect you have to restart the daemon by issuing the following command as root:
Debian alert: New krb4 packages fix buffer overflow
Tom Yu and Sam Hartman of MIT discovered another stack buffer overflow
in the kadm_ser_wrap_in function in the Kerberos v4 administration
server. This kadmind bug has a working exploit code circulating,
hence it is considered serious.
Mandrake alert: krb5 update
A stack buffer overflow in the implementation of the Kerberos v4 compatibility administration daemon (kadmind4) in the krb5 package can be exploited to gain unauthorized root access to a KDC host. Authentication to the daemon is not required to successfully perform the attack and according to MIT at least one exploit is known to exist. kadmind4 is used only by sites that require compatibility with legacy administrative clients, and sites that do not have these needs are likely not using kadmind4 and are not affected. MandrakeSoft encourages all users who use Kerberos to upgrade to these packages immediately.
Debian alert: New krb5 packages fix buffer overflow
Tom Yu and Sam Hartman of MIT discovered another stack buffer overflow
in the kadm_ser_wrap_in function in the Kerberos v4 administration
server. This kadmind bug has a working exploit code circulating,
hence it is considered serious. The MIT krb5 implementation
includes support for version 4, including a complete v4 library,
server side support for krb4, and limited client support for v4.
Debian alert: New kghostview packages fix buffer overflow
Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. The same code is present in kghostview which is part
of the KDE-Graphics package. This problem is triggered by scanning
the PostScript file and can be exploited by an attacker sending a
malformed PostScript or PDF file. The attacker is able to cause
arbitrary code to be run with the privileges of the victim.
Mandrake alert: mod_ssl update
A cross-site scripting vulnerability was discovered in mod_ssl by Joe Orton. This only affects servers using a combination of wildcard DNS and "UseCanonicalName off" (which is not the default in Mandrake Linux). With this setting turned off, Apache will attempt to use the hostname:port that the client supplies, which is where the problem comes into play. With this setting turned on (the default), Apache constructs a self-referencing URL and will use ServerName and Port to form the canonical name. It is recommended that all users upgrade, regardless of the setting of the "UseCanonicalName" configuration option.
Mandrake alert: kdegraphics update
A vulnerability exists in KGhostview, part of the kdegraphics package. It includes a DSC 3.0 parser from GSview then is vulnerable to a buffer overflow while parsing a specially crafted .ps file. It also contains code from gv which is vulnerable to a similar buffer overflow triggered by malformed PostScript and PDF files. This has been fixed in KDE 3.0.4 and patches have been applied to correct these packages.
Red Hat alert: Updated ypserv packages fixes memory leak
Updated ypserv packages which fix a memory leak are now available for Red
Hat Linux 7.x and 6.
Mandrake alert: tetex update
A vulnerability was discovered in dvips by Olaf Kirch that would allow remote users with access to the printer to execute commands as the lp user through sending special print jobs to the printer.
Debian alert: New mod_ssl packages fix cross site scripting
Joe Orton discovered a cross site scripting problem in mod_ssl, an
Apache module that adds Strong cryptography (i.e. HTTPS support) to
the webserver. The module will return the server name unescaped in
the response to an HTTP request on an SSL port.
Mandrake alert: gv update
A buffer overflow was discovered in gv versions 3.5.8 and earlier by Zen Parse. The problem is triggered by scanning a file and can be exploited by an attacker sending a malformed PostScript or PDF file. This would result in arbitrary code being executed with the privilege of the user viewing the file. ggv uses code derived from gv and has the same vulnerability. These updates provide patched versions of gv and ggv to fix the vulnerabilities.
SuSE alert: postgresql
The PostgreSQL Object-Relational DBMS was found vulnerable to several security related buffer overflow problems. The buffer overflows are located in: * handling long datetime input * lpad() and rpad() function with multibyte * repeat() function * TZ and SET TIME ZONE environment variables These bugs could just be exploited by attackers who have access to the postgresql server to gain the privileges postgres user ID .
Debian alert: New NIS packages fix information leak
Thorsten Kukuck discovered a problem in the ypserv program which is
part of the Network Information Services (NIS). A memory leak in all
versions of ypserv prior to 2.5 is remotely exploitable. When a
malicious user could request a non-existing map the server will leak
parts of an old domainname and mapname.
Debian alert: New gnome-gv packages fix buffer overflow
Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. The same code is present in gnome-gv. This problem
is triggered by scanning the PostScript file and can be exploited by
an attacker sending a malformed PostScript or PDF file. The attacker
is able to cause arbitrary code to be run with the privileges of the
victim.
« Previous ( 1 ... 7393 7394 7395 7396 7397 7398 7399 7400 7401 7402 7403 ... 7439 ) Next »