Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7406 7407 7408 7409 7410 7411 7412 7413 7414 7415 7416 ... 7439 ) Next »

Debian alert: ssh channel bug

  • Mailing list (Posted by dave on Mar 8, 2002 11:35 AM EDT)
  • Story Type: Security; Groups: Debian
Joost Pol <joost@pine.nl> reports that OpenSSH versions 2.0 through 3.0.2 have an off-by-one bug in the channel allocation code. This vulnerability can be exploited by authenticated users to gain root privilege or by a malicious server exploiting a client with this bug.

Red Hat alert: Updated openssh packages available

  • Mailing list (Posted by dave on Mar 8, 2002 8:19 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated openssh packages are now available for Red Hat Linux 7, 7.1, and 7.2 which close a remotely-exploitable vulnerability in sshd.

Mandrake alert: mod_frontpage update

A problem was found in versions of improved mod_frontpage prior to 1.6.1 regarding a lack of boundary checks in fpexec.c. This means that the suid root binary is exploitable for buffer overflows. This could be exploited by remote attackers to execute arbitrary code on the server with superuser privileges. Although there are no known exploits available, if you use mod_frontpage you are strongly encouraged to upgrade. This update for Mandrake Linux has been completely reworked and is easier to configure and use, as well as supporting the new FrontPage 2002 extensions.

Mandrake alert: mod_ssl update

Ed Moyle discovered a buffer overflow in mod_ssl's session caching mechanisms that use shared memory and dbm. This could potentially be triggered by sending a very long client certificate to the server.

Mandrake alert: openssh update

Joost Pol found a bug in the channel code of all versions of OpenSSH from 2.0 to 3.0.2. This bug can allow authenticated users with an existing account on the vulnerable system to obtain root privilege or by a malicious server attacking a vulnerable client. OpenSSH 3.1 is not vulnerable to this problem. The provided packages fix this vulnerability.

Slackware alert: OpenSSH security problem fixed

New openssh packages are available to fix security problems.

Red Hat alert: Updated mod_ssl packages available

  • Mailing list (Posted by dave on Mar 7, 2002 3:39 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated mod_ssl packages for Red Hat Linux 7, 7.1, and 7.2 are available which close a buffer overflow in mod_ssl.

SuSE alert: openssh

  • Mailing list (Posted by dave on Mar 7, 2002 9:27 AM EDT)
  • Story Type: Security; Groups: SUSE
Joost Pol discovered an off-by-one bug in a routine in the openssh code for checking channel IDs. This bug can be exploited on the remote side by an already authenticated user, qualifying this bug as a local security vulnerability, and on the local side if a malicious server attacks the connected client, qualifying this bug as a remote vulnerability. If the error is being exploited, it leads to arbitrary code execution in the process under attack (either a local ssh client, attacking the userID of the client user, or a remote secure shell daemon that has an authenticated user session running, attacking the root account of the remote system). Please note that the possible attack scenario is different from the usual attack scheme because "local vulnerability" refers to the remote side and vice versa.

Debian alert: New xsane packages fix insecure temporary files

  • Mailing list (Posted by dave on Mar 5, 2002 9:39 AM EDT)
  • Story Type: Security; Groups: Debian
Tim Waugh found several insecure uses of temporary files in the xsane program, which is used for scanning. This was fixed for Debian/stable by moving those files into a securely created directory within the /tmp directory.

Debian alert: New CVS packages fix potential security problems

  • Mailing list (Posted by dave on Mar 5, 2002 12:18 AM EDT)
  • Story Type: Security; Groups: Debian
Kim Nielsen recently found an internal problem with the CVS server and reported it to the vuln-dev mailing list. The problem is triggered by an improperly initialized global variable. A user exploiting this can crash the CVS server, which may be accessed through the pserver service and running under a remote user id. It is not yet clear if the remote account can be exposed, through.

Red Hat alert: Updated radiusd-cistron packages are available

  • Mailing list (Posted by dave on Mar 4, 2002 2:39 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated radiusd-cistron packages, which fix various security issues, are now available.

SuSE alert: squid

  • Mailing list (Posted by dave on Mar 4, 2002 3:11 AM EDT)
  • Story Type: Security; Groups: SUSE
The widely used proxy-server squid contains a heap overflow in one of its URL constructing functions. Incorrect length-calculations for the user and passwd fields in ftp-URLs turned out to be the origin of the problem. Only users from hosts listed in squids ACL-files could trigger the overflow. The ftp-URL problem is not present in the 6.4, 7.0 and 7.1 distributions, but other security releated bugs have been fixed there. A complete history can be found at

Slackware alert: mod_php update fixes security problems

This fixes several security problems in the POST handling code used for uploading files through forms. All sites using PHP are urged to upgrade as soon as possible.

Debian alert: New CFS packages fix security problems

  • Mailing list (Posted by dave on Mar 2, 2002 1:20 AM EDT)
  • Story Type: Security; Groups: Debian
Zorgon found several buffer overflows in cfsd, a daemon that pushes encryption services into the Unix(tm) file system. We are not yet sure if these overflows can successfully be exploited to gain root access to the machine running the CFS daemon. However, since cfsd can easily be forced to die, a malicious user can easily perform a denial of service attack to it.

Debian alert: New PHP packages fix security problems

  • Mailing list (Posted by dave on Mar 1, 2002 11:38 PM EDT)
  • Story Type: Security; Groups: Debian
Stefan Esser, who is also a member of the PHP team, found several flaws in the way PHP handles multipart/form-data POST requests (as described in RFC1867) known as POST fileuploads. Each of the flaws could allow an attacker to execute arbitrary code on the victim's system.

Mandrake alert: cyrus-sasl update

Kari Hurtta discovered that a format bug exists in the Cyrus SASL library, which is used to provide an authentication API for mail clients and servers, as well as other services such as LDAP. The format bug was found in one of the logging functions which could be used by an attacker to obtain acces to a machine or to possibly acquire elevated privileges. Thanks to the SuSE security team for providing the fix.

Mandrake alert: php update

Several flaws exist in various versions of PHP in the way it handles multipart/form-data POST requests, which are used for file uploads. The php_mime_split() function could be used by an attacker to execute arbitrary code on the server. This affects both PHP4 and PHP3. The authors have fixed this in PHP 4.1.2 and provided patches for older versions of PHP.

SuSE alert: mod_php/mod_php4

  • Mailing list (Posted by dave on Feb 28, 2002 11:58 AM EDT)
  • Story Type: Security; Groups: SUSE
The e-matters team have found multiple remotely exploitable vulnerabilites in the source code responsible for file upload in the apache modules mod_php and mod_php4 (versions 3 and 4). The weakness can be used to have the webserver execute arbitrary code as supplied by the attacker.

Red Hat alert: Updated PHP packages are available

  • Mailing list (Posted by dave on Feb 28, 2002 8:59 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PHP packages are available to fix vulnerabilities in the functions that parse multipart MIME data, which are used when uploading files through forms.

Debian alert: Update for SNMP security fix

  • Mailing list (Posted by dave on Feb 28, 2002 5:07 AM EDT)
  • Story Type: Security; Groups: Debian
Some of the changes made in the DSA-111-1 security fix for SNMP changed the API and ABI for the SNMP library which broke some other applications.

« Previous ( 1 ... 7406 7407 7408 7409 7410 7411 7412 7413 7414 7415 7416 ... 7439 ) Next »