Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7395 7396 7397 7398 7399 7400 7401 7402 7403 7404 7405 ... 7418 ) Next »

Debian alert: groff printf format problem

  • Mailing list (Posted by dave on Aug 10, 2001 9:18 AM EDT)
  • Story Type: Security; Groups: Debian
Zenith Parse found a security problem in groff (the GNU version of troff). The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S option and execute arbitrary code.

Debian alert: netkit-telnet AYT buffer overflow

  • Mailing list (Posted by dave on Aug 9, 2001 4:20 PM EDT)
  • Story Type: Security; Groups: Debian
The telnet daemon contained in the netkit-telnet_0.16-4potato1 package in the 'stable' (potato) distribution of Debian GNU/Linux is vulnerable to an exploitable overflow in its output handling. The original bug was found by <scut@nb.in-berlin.de>, and announced to bugtraq on Jul 18 2001. At that time, netkit-telnet versions after 0.14 were not believed to be vulnerable. On Aug 10 2001, zen-parse posted an advisory based on the same problem, for all netkit-telnet versions below 0.17. More details can be found on http://www.securityfocus.com/archive/1/203000 . As Debian uses the 'telnetd' user to run in.telnetd, this is not a remote root compromise on Debian systems; the 'telnetd' user can be compromised.

Debian alert: fetchmail remote exploit

  • Mailing list (Posted by dave on Aug 9, 2001 4:07 PM EDT)
  • Story Type: Security; Groups: Debian
Salvatore Sanfilippo found two remotely exploitable problems in fetchmail while doing a security audit. In both the imap and pop3 code the input is not verified and used to store a number in an array. Since no bounds checking is done this can be used by an attacker to write arbitrary data in memory. An attacker can use this if we can get a user to transfer mail from a custom imap or pop3 server he controls.

Red Hat alert: New telnet packages available to fix buffer overflow vulnerabilities

  • Mailing list (Posted by dave on Aug 9, 2001 2:15 PM EDT)
  • Story Type: Security; Groups: Red Hat
New telnet, telnet-server packages are available for Red Hat Linux 5.2, 6.2, 7.0 and 7.1. These packages fix a problem where buffer overflows can provide root access to local users. It is recommended that all users update to the fixed packages.

Red Hat alert: Updated OpenLDAP packages available for Red Hat Linux 6.2, 7, and 7.1

  • Mailing list (Posted by dave on Aug 9, 2001 1:42 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated openldap packages are now available for Red Hat Linux 6.2, 7, and 7.1. These packages include fixes for problems which could allow a malicious remote user to crash a server.

Debian alert: xloadimage buffer overflow

  • Mailing list (Posted by dave on Aug 9, 2001 11:45 AM EDT)
  • Story Type: Security; Groups: Debian
The version of xloadimage (a graphics files viewer for X) that was shipped in Debian GNU/Linux 2.2 has a buffer overflow in the code that handles FACES format images. This could be exploited by an attacker by tricking someone into viewing a specially crafted image using xloadimage which would allow him to execute arbitrary code.

Debian alert: OpenLDAP DoS

  • Mailing list (Posted by dave on Aug 9, 2001 10:12 AM EDT)
  • Story Type: Security; Groups: Debian
CERT released their advisory CA-2001-18 which lists a number of vulnerabilities in various LDAP implementations. based on the results of the PROTOS LDAPv3 test suite. These tests found one problem in OpenLDAP, a free LDAP implementation that is shipped as part of Debian GNU/Linux 2.2.

SuSE alert: xmcd

  • Mailing list (Posted by dave on Aug 3, 2001 9:14 AM EDT)
  • Story Type: Security; Groups: SUSE
Cda, a setuid commandline part of xmcd, a X11/Motif audio CD player by Ti Kan <ti@amb.org>, was found vulnerable by a link attack and some bufferoverflows. These bugs could be exploited by an adversary, who has access to the system, to overwrite files or gain higher privileges.

Debian alert: New versions of apache, fixes index bug

  • Mailing list (Posted by dave on Jul 27, 2001 4:59 PM EDT)
  • Story Type: Security; Groups: Debian
We have received reports that the 'apache' http daemon, as included in the Debian 'stable' distribution, is vulnerable to the 'artificially long slash path directory listing vulnerability' as described in http://www.securityfocus.com/vdb/bottom.html?vid=2503 .

SuSE alert: xli/xloadimage

  • Mailing list (Posted by dave on Jul 24, 2001 9:49 AM EDT)
  • Story Type: Security; Groups: SUSE
xli, aka xloadimage, a image viewer for X11 is used by Netscape's plugger to display TIFF-, PNG- and Sun-Raster-images. The plugger configuration file is /etc/pluggerrc. Due to missing boundary checks in the xli code a buffer overflow could be triggered by an external attacker to execute commands on the victim's system. An exploit is publically available.

Red Hat alert: New squid packages for Red Hat Linux 7.0

  • Mailing list (Posted by dave on Jul 19, 2001 12:40 PM EDT)
  • Story Type: Security; Groups: Red Hat
New squid packages are available for Red Hat Linux 7.0 that fix a possible security problem with Squid's HTTP accelerator feature. If Squid was configured in accelerator-only mode, it was possible for remote users to portscan machines through the Squid proxy, potentially allowing for access to machines not otherwise available. It is recommended that users who use Squid in accelerator-only mode update to the fixed packages. Note that Red Hat Linux 7.1 is not affected by this vulnerability, nor are releases prior to Red Hat Linux 7.0.

Red Hat alert: Updated procmail packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1

  • Mailing list (Posted by dave on Jul 19, 2001 12:22 PM EDT)
  • Story Type: Security; Groups: Red Hat
Procmail, an autonomous mail processor, as shipped in Red Hat Linux 5.2, 6.2, 7, and 7.1, handles signals unsafely.

Red Hat alert: Updated openssl packages available

  • Mailing list (Posted by dave on Jul 18, 2001 12:41 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated openssl packages are now available for Red Hat Linux 6.x and 7. These packages include security-related changes made in OpenSSL 0.9.6a and 0.9.6b which have been backported to previous versions released for Red Hat Linux. In addition, this advisory provides OpenSSL 0.9.6 packages for Red Hat Linux 7, which may be used by future updates to both Red Hat Linux 7 and Red Hat Linux 7.1.

Red Hat alert: New elm packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1

  • Mailing list (Posted by dave on Jul 16, 2001 2:08 PM EDT)
  • Story Type: Security; Groups: Red Hat
New elm packages are available for Red Hat Linux 5.2, 6.2, 7 and 7.1. These packages fix a buffer overflow in the message-id handling.

Red Hat alert: New util-linux packages available to fix vipw permissions problems

  • Mailing list (Posted by dave on Jul 16, 2001 8:34 AM EDT)
  • Story Type: Security; Groups: Red Hat
New util-linux packages are available for Red Hat Linux 7.1. These packages fix a problem where vipw would leave the /etc/shadow file world-readable after editing it. It is recommended that all users update to the fixed packages. Also, if you have used vipw on Red Hat Linux 7.1 before, make sure to run (as root): chmod 0400 /etc/shadow

Debian alert: cfingerd remote exploit

  • Mailing list (Posted by dave on Jul 11, 2001 10:00 AM EDT)
  • Story Type: Security; Groups: Debian
Steven van Acker reported on bugtraq that the version of cfingerd (a configurable finger daemon) as distributed in Debian GNU/Linux 2.2 suffers from two problems:

Red Hat alert: New xloadimage packages available

  • Mailing list (Posted by dave on Jul 9, 2001 3:40 PM EDT)
  • Story Type: Security; Groups: Red Hat
These updated packages fix a buffer overflow in the faces reader. This is normally not a security problem; however, xloadimage is called by the 'plugger' program from inside Netscape to handle some image types. Hence, a remote site could cause arbitrary code to be executed as the user running Netscape. It is recommended that users of Netscape and plugger update to the fixed xloadimage packages. Plugger was shipped in Red Hat Powertools 6.2; if you have only installed packages from Red Hat Linux 6.2, you are not vulnerable to this exploit.

Red Hat alert: Updated xinetd package available for Red Hat Linux 7 and 7.1

  • Mailing list (Posted by dave on Jul 6, 2001 11:15 AM EDT)
  • Story Type: Security; Groups: Red Hat
A vulnerability has been found in xinetd's string handling.

SuSE alert: scotty

  • Mailing list (Posted by dave on Jul 2, 2001 8:25 AM EDT)
  • Story Type: Security; Groups: SUSE
Tkined's Scotty is a Tcl extension to build network management applications. Ntping, a ping/traceroute program, is part of the Scotty package. It's failure is to read a hostname as commandline option without checking the size. This leads to a bufferoverrun, that could be used to gain root privileges, because ntping is installed setuid root and is executeable by everyone.

SuSE alert: xinetd

  • Mailing list (Posted by dave on Jun 29, 2001 5:12 AM EDT)
  • Story Type: Security; Groups: SUSE
Zen-parse has reported a bug to Bugtraq which allows remote attackers to overflow a buffer in the logging routine of xinetd. During investigation we found that more problems exist within xinetd. Xinetd provides its own string-handling (snprintf()-like functions) routines and fails to handle length arguments of 0 properly. Instead of an immediate return it assumes 'no limit' for writing characters to the target-buffer. This can lead to overflows and arbitrary remote code-execution. Additionally xinetd now sets the correct umask before starting other deamons. Please update the packages immediately, kill the old deamon and start the new xinetd deamon with the

« Previous ( 1 ... 7395 7396 7397 7398 7399 7400 7401 7402 7403 7404 7405 ... 7418 ) Next »