Showing all newswire headlines

The developers of Bugzilla, a web-based bug tracking system, discovered a problem in the handling of more than 47 groups. When a new product is added to an installation with 47 groups or more and "usebuggroups" is enabled, the new group will be assigned a groupset bit using Perl math that is not exact beyond 2^48. This results in the new group being defined with a "bit" that has several bits set. As users are given access to the new group, those users will also gain access to spurious lower group privileges. Also, group bits were not always reused when groups were deleted.

Package : fetchmail, fetchmail-ssl Vulnerability : buffer overflows Problem-Type : remote Debian-specific: no

Package : htcheck Vulnerability : cross site scripting Problem-Type : remote Debian-specific: no

It has been discovered that tkmail creates temporary files insecurely. Exploiting this an attacker with local access can easily create and overwrite files as another user.

Updated fetchmail packages are available for Red Hat Linux 6.2, 7, 7.1, 7.2, 7.3, and 8.0 which close a remotely-exploitable vulnerability in unpatched versions of fetchmail prior to 6.1.0.

PHP is a well known and widely used web programming language. If a PHP script runs in "safe mode" several restrictions are applied to it including limits on execution of external programs.

HylaFAX is a client-server architecture for receiving and sending facsimiles.

A security vulnerability has been found in all Tomcat 4.x releases. This problem allows an attacker to use a specially crafted URL to return the unprocessed source code of a JSP page, or, under special circumstances, a static resource which would otherwise have been protected by security constraints, without the need for being properly authenticated.

Updated packages for ggv fix a local buffer overflow when reading malformed PDF or PostScript files.

Updated tcpdump, libpcap, and arpwatch packages are available for Red Hat Linux 6.2 and 7.x. These updates close a buffer overflow when handling NFS packets. [Update 3 October 2002] Replacement packages have been added for Red Hat Linux 6.2 as the previous packages could not be installed with the version of RPM that shipped with Red Hat Linux 6.

Updated nss_ldap packages are now available for Red Hat Linux 6.2, 7, 7.1, 7.2, and 7.3. These updates fix a potential buffer overflow which can occur when nss_ldap is set to configure itself using information stored in DNS, a format string bug in logging functions used in pam_ldap, and to properly handle truncated DNS responses.

Updated glibc packages are available to fix a buffer overflow in the resolver.

Several buffer overflows and a boundary check error were discovered in all fetchmail versions prior to 6.1.0 by e-matters GmbH. These problems are vulnerable to crashes and/or arbitrary code execution by remote attackers if fetchmail is running in multidrop mode. The code execution would be done with the same privilege as the user running fetchmail.

Vulnerabilities were discovered in the Postgresql relational database by Mordred Labs. These vulnerabilities are buffer overflows in the rpad(), lpad(), repeat(), and cash_words() functions. The Postgresql developers also fixed a buffer overflow in functions that deal with time/date and timezone. Finally, more buffer overflows were discovered by Mordred Labs in the 7.2.2 release that are currently only fixed in CVS.

The Heimdal package is a free Kerberos implementation offering flexible authentication mechanisms based on the Kerberos 5 and Kerberos 4 scheme. The SuSE Security Team has reviewed critical parts of the Heimdal package such as the kadmind and kdc server. While doing so several possible buffer overflows and other bugs have been uncovered and fixed. Remote attackers can probably gain remote root access on unpatched systems. Since these services run usually on authentication servers we consider these bugs to be very serious. An update is strongly recommended if you are using the Heimdal package.

RALEIGH, NC-September 30, 2002-Red Hat, Inc. (Nasdaq:RHAT) today released Red Hat Linux 8.0, a highly versatile operating system designed for personal and small business computing. Red Hat Linux 8.0 combines leading-edge Linux technologies with a new graphical look and feel that offers users a polished, easy-to-use operating environment.

The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction.

Wolfram Gloger discovered that the bugfix from DSA 149-1 unintentially replaced potential integer overflows in connection with malloc() with more likely divisions by zero. This called for an update. For completeness the original security advisory said:

Updated Zope packages are available which fix a number of security issues

A heap buffer overflow exists in the XDR decoder in glibc version 2.2.5 and earlier. XDR is a mechanism for encoding data structures for use with RPC, which is derived from Sun's RPC implementation which is likewise vulnerable to a heap overflow. Depending on the application, this vulnerability may be exploitable and could lead to arbitrary code execution. Thanks to Solar Designer for the patches used to correct this vulnerability.