Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7407 7408 7409 7410 7411 7412 7413 7414 7415 7416 ... 7417 ) Next »

Red Hat alert: Updated gnorpm packages are available for Red Hat Linux 6.1, 6.2, and 7.0

  • Mailing list (Posted by dave on Nov 2, 2000 6:08 AM EDT)
  • Story Type: Security; Groups: Red Hat
(This is a re-release of the previous errata caused by a missing patch). A locally-exploitable security hole was found where a normal user could trick root running GnoRPM into writing to arbitrary files due to a bug in the gnorpm tmp file handling.

Red Hat alert: Setuid bits are removed on dump to prevent exploit

  • Mailing list (Posted by dave on Nov 2, 2000 6:06 AM EDT)
  • Story Type: Security; Groups: Red Hat
The Red Hat 7.0 dump is being released for Red Hat 6.x and Red Hat 5.x in order to remove root setuid bits to prevent a known dump exploit (#20111). The new dump packages also include a fix for a buffer overflow (#9899)

Red Hat alert: Updated nss_ldap packages are now available.

  • Mailing list (Posted by dave on Oct 27, 2000 11:09 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated nss_ldap packages are now available for Red Hat Linux 6.1, 6.2, and 7.

Red Hat alert: Updated Secure Web Server packages now available

  • Mailing list (Posted by dave on Oct 27, 2000 8:47 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated Secure Web Server packages are now available for users of Secure Web Server 3.

SuSE alert: ncurses

  • Mailing list (Posted by dave on Oct 27, 2000 7:59 AM EDT)
  • Story Type: Security; Groups: SUSE
The ncurses library is used by many text/console based applications such as mail user agents, ftp clients and other command line utilities. A vulnerability has been found by Jouko Pynnönen <jouko@solutions.fi> in the screen handling functions: Insufficient boundary checking leads to a buffer overflow if a user supplies a specially drafted terminfo database file. If an ncurses-linked binary is installed setuid root, it is possible for a local attacker to exploit this hole and gain elevated privileges.

Red Hat alert: Updated cyrus-sasl packages available for Red Hat Linux 7

  • Mailing list (Posted by dave on Oct 26, 2000 10:26 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated cyrus-sasl packages are now available for Red Hat Linux 7.

Slackware alert: Local /tmp vulnerability fixed in ppp-off

A local /tmp bug in the /usr/sbin/ppp-off program was found. This bug could allow a local user to corrupt system files. A fix has been made and an updated package is now available in the -current branch.

Slackware alert: root exploit with xlockmore fixed

A root exploit has been found in xlockmore packaged with Slackware. By providing a carefully crafted display variable to xlock, it is possible for a local attacker to gain root access. Anyone running xlock on a public machine should upgrade to this version of xlock (or disable xlock altogether) immediately.

Red Hat alert: Updated apache, php, mod_perl, and auth_ldap packages available.

  • Mailing list (Posted by dave on Oct 23, 2000 1:10 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated apache, php, mod_perl, and auth_ldap packages are now available for Red Hat Linux 5.2, 6.0, 6.1, 6.2, and 7.

Red Hat alert: ypbind for Red Hat Linux 5.x, 6.x has a local root exploit

  • Mailing list (Posted by dave on Oct 23, 2000 7:55 AM EDT)
  • Story Type: Security; Groups: Red Hat
ypbind as shipped in Red Hat Linux 5.x and 6.x is vulnerable to a local root exploit. All systems making use of NIS services are encouraged to upgrade.

Red Hat alert: Updated gnupg packages available

  • Mailing list (Posted by dave on Oct 20, 2000 7:09 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated gnupg packages are now available for Red Hat Linux 6.2 and 7.

SuSE alert: ypbind/ypclient

  • Mailing list (Posted by dave on Oct 18, 2000 9:22 AM EDT)
  • Story Type: Security; Groups: SUSE
Security problems have been found in the client code of the NIS (Network Information System, aka yp - yellow pages) subsytem. SuSE distributions before SuSE-6.1 came with the original ypbind program, SuSE-6.2 and later included the ypbind-mt NIS client implementation. ypbind-3.3 (the earlier version) has a format string parsing bug if it is run in debug mode, and (discovered by Olaf Kirch <okir@caldera.de>) leaks file descriptors under certain circumstances which can lead to a DoS. In addition, ypbind-3.3 may suffer from buffer overflows. ypbind-mt, the software shipped with SuSE distributions starting with SuSE-6.2, suffers from a single format string parsing bug. Some of these bugs could allow remote attackers to execute arbitrary code as root. During code audit and testing it turned out that the ypbind-3.x software in the SuSE-6.1 distribution and earlier needs a major overhaul to make it work both reliable and secure with respect to errors in the code. Basically, this is what happened when Thorsten Kukuk <kukuk@suse.de> wrote ypbind-mt from scratch in 1998. For the same reason, we are currently unable to produce a working security update package which fixes the known and yet unknown (there may be more) problems in the ypclient packages in the SuSE-6.1 distribution and older. The only efficient workaround for the SuSE-6.1 distribution and older against these bugs for an untrusted, hostile environment is to upgrade to a new distribution base (SuSE-7.0 is recommended) and use the ypclient update packages for this distribution. As of today, there is no exploit known to exist in the wild.

Red Hat alert: Potential security problems in ping fixed.

  • Mailing list (Posted by dave on Oct 18, 2000 8:03 AM EDT)
  • Story Type: Security; Groups: Red Hat
N/A

Slackware alert: Apache 1.3.14 available

Several security problems have been found in the Apache web server software. It is recommended that all users of Apache upgrade to the latest stable release to fix these problems.

SuSE alert: traceroute

  • Mailing list (Posted by dave on Oct 16, 2000 6:16 AM EDT)
  • Story Type: Security; Groups: SUSE
The security problem in the traceroute program as shipped with SuSE Linux distributions is completely different from the one reported on security mailing lists a few days ago (`traceroute -g 1 -g 1') by Pekka Savola <pekkas@netcore.fi>. SuSE distributions do not contain this particular traceroute implementation. The problem in our traceroute was discovered independently and reported to us by H D Moore <hdm@secureaustin.com>. The problem in the implementation of traceroute that we ship is a format string parsing bug in a routine that can be used to terminate a line in traceroute's output to easily embed the program in cgi scripts as used for web frontends for traceroute. Using a specially crafted sequence of characters on the commandline, it is possile to trick the traceroute program into running arbitrary code as root.

SuSE alert: gnorpm

  • Mailing list (Posted by dave on Oct 16, 2000 6:00 AM EDT)
  • Story Type: Security; Groups: SUSE
gnorpm is a graphical user interface to the rpm subsystem for the gnome desktop.

Debian alert: New version of Debian php3 packages released (updated)

  • Mailing list (Posted by dave on Oct 13, 2000 11:46 PM EDT)
  • Story Type: Security; Groups: Debian
[Updated version: corrected URLs]

Debian alert: New version of Debian php4 packages released (updated)

  • Mailing list (Posted by dave on Oct 13, 2000 11:46 PM EDT)
  • Story Type: Security; Groups: Debian
[Updated version: corrected URLs]

Debian alert: New version of Debian php4 packages released

  • Mailing list (Posted by dave on Oct 13, 2000 11:36 PM EDT)
  • Story Type: Security; Groups: Debian
In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server.

Debian alert: New version of Debian php3 packages released

  • Mailing list (Posted by dave on Oct 13, 2000 10:44 PM EDT)
  • Story Type: Security; Groups: Debian
In versions of the PHP 3 packages before version 3.0.17, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server, particularly if error logging was enabled.

« Previous ( 1 ... 7407 7408 7409 7410 7411 7412 7413 7414 7415 7416 ... 7417 ) Next »