Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7404 7405 7406 7407 7408 7409 7410 7411 7412 7413 7414 ... 7439 ) Next »
Debian alert: sudo buffer overflow
fc found a buffer overflow in the variable expansion code
used by sudo for its prompt. Since sudo is necessarily installed suid
root a local user can use this to gain root access.
Mandrake alert: imlib update
Previous versions of imlib, prior to 1.9.13, would fall back to the NetPBM library which is not suitable for loading untrusted images due to various problem in it's code. The new imlib also fixes some problems with arguments passed to malloc(). These problems could allow attackers to construct images that could cause crashes or, potentially, the execution of arbitrary code when said images are loaded by a viewer that uses imlib. Thanks to Alan Cox and Al Viro for discovering the problems.
Mandrake alert: sudo update
A problem was discovered by fc, with further research by Global InterSec, in the sudo program with the password prompt parameter (-p). Sudo can be tricked into allocating less memory than it should for the prompt and in certain conditions it is possible to exploit this flaw to corrupt the heap in such a way that could be used to execute arbitary commands. Because sudo is generally suid root, this can lead to an elevation of privilege for local users.
Red Hat alert: Updated icecast packages are available
Updated icecast packages are available which fix a number of security issues.
Red Hat alert: Updated sudo packages are available
Updated sudo packages are available which fix a local root exploit.
Red Hat alert: Updated sudo packages are available
Updated sudo packages are available which fix a local root exploit.
Red Hat alert: Updated sudo packages are available
Updated sudo packages are available which fix a local root exploit.
Slackware alert: sudo upgrade fixes a potential vulnerability
New sudo packages are available to fix a security problem which may allow
users to become root, or to execute arbitrary code as root.
Mandrake alert: rsync update
Ethan Benson discovered a bug in rsync where the supplementary groups that the rsync daemon runs as (such as root) would not be removed from the server process after changing to the specified unprivileged uid and gid. This seems only serious if rsync is called using "rsync --daemon" from the command line where it will inherit the group of the user starting the server (usually root). Note that, by default, Mandrake Linux uses xinetd to handle connections to the rsync daemon. This was fixed upstream in version 2.5.3, as well as the previously noted zlib fixes (see MDKSA-2002:023). The authors released 2.5.4 with some additional zlib fixes, and all users are encouraged to upgrade to this new version of rsync. Update: Mandrake Linux 8.1/ia64 packages are now available.
Debian alert: buffer overflow in xpilot-server
An internal audit by the xpilot (a multi-player tactical manoeuvring
game for X) maintainers revealed a buffer overflow in xpilot server.
This overflow can be abused by remote attackers to gain access to
the server under which the xpilot server is running.
Mandrake alert: squid update
Error and boundary conditions were not checked when handling compressed
DNS answer messages in the internal DNS code (lib/rfc1035.c). A
malicous DNS server could craft a DNS reply that causes Squid to exit
with a SIGSEGV.
Debian alert: Horde and IMP cross-site scripting attack
A cross-site scripting (CSS) problem was discovered in Horde and IMP (a web
based IMAP mail package). This was fixed upstream in Horde version 1.2.8
and IMP version 2.2.8. The relevant patches have been back-ported to
version 1.2.6-0.potato.5 of the horde package and version 2.2.6-0.potato.5
of the imp package.
Mandrake alert: libsafe update
Wojciech Purczynski discovered that format string protection in libsafe can be easily bypassed by using flag characters that are implemented in glibc but are not implemented in libsafe. It was also discovered that *printf function wrappers incorrectly parse argument indexing in format strings, making some incorrect assumptions on the number of arguments and conversion specifications. These problems were fixed by the libsafe authors in 2.0-12.
Red Hat alert: Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x
Updated tcpdump, libpcap, and arpwatch packages are available for Red
Hat Linux 6.2 and 7.x. These updates close vulnerabilities
present in versions of tcpdump up to 3.5.1 and various other bugs.
Red Hat alert: Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x
Updated tcpdump, libpcap, and arpwatch packages are available for Red
Hat Linux 6.2 and 7.x. These updates close vulnerabilities
present in versions of tcpdump up to 3.5.1 and various other bugs.
SuSE alert: ucdsnmp
The Secure Programming Group of the Oulu University, Sweden released a testing suite for SNMP implementations. Several bugs could be triggered in the ucd-snmpd code by using this testing suite. These bugs lead to remote denial-of-service attacks and may possibly exploited to break system security remotely. Additionally, the SuSE Security Team did a full audit of the ucd-snmpd code and we hope to avoid more problems caused by other bugs in the future.
Red Hat alert: Race conditions in logwatch
Updated LogWatch packages are available that fix tmp file race conditions
which can cause a local user to gain root privileges.
Red Hat alert: Race conditions in logwatch
Updated LogWatch packages are available that fix tmp file race conditions
which can cause a local user to gain root privileges.
Debian alert: New analog packages fix cross-site scripting vulnerability
Yuji Takahashi discovered a bug in analog which allows a cross-site
scripting type attack. It is easy for an attacker to insert arbitrary
strings into any web server logfile. If these strings are then
analysed by analog, they can appear in the report. By this means an
attacker can introduce arbitrary Javascript code, for example, into an
analog report produced by someone else and read by a third person.
Analog already attempted to encode unsafe characters to avoid this
type of attack, but the conversion was incomplete.
Debian alert: New mtr packages fix buffer overflow
The authors of mtr released a new upstream version, noting a
non-exploitable buffer overflow in their ChangeLog. Przemyslaw
Frasunek, however, found an easy way to exploit this bug, which allows
an attacker to gain access to the raw socket, which makes IP spoofing
and other malicious network activity possible.
« Previous ( 1 ... 7404 7405 7406 7407 7408 7409 7410 7411 7412 7413 7414 ... 7439 ) Next »