Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7422 7423 7424 7425 7426 7427 7428 7429 7430 7431 7432 ... 7469 ) Next »

SuSE alert: KDE lanbrowser vulnerability

  • Mailing list (Posted by dave on Nov 12, 2002 1:18 AM EDT)
  • Story Type: Security; Groups: SUSE
During a security review, the SuSE security team has found two vulnerabilities in the KDE lanbrowsing service.

Red Hat alert: New PHP packages fix vulnerability in mail function

  • Mailing list (Posted by dave on Nov 11, 2002 8:23 AM EDT)
  • Story Type: Security; Groups: Red Hat
PHP versions up to and including 4.

Debian alert: New klisa packages fix buffer overflow

  • Mailing list (Posted by dave on Nov 11, 2002 8:07 AM EDT)
  • Story Type: Security; Groups: Debian
iDEFENSE reports a security vulnerability in the klisa package, that provides a LAN information service similar to "Network Neighbourhood", which was discovered by Texonet. It is possible for a local attacker to exploit a buffer overflow condition in resLISa, a restricted version of KLISa. The vulnerability exists in the parsing of the LOGNAME environment variable, an overly long value will overwrite the instruction pointer thereby allowing an attacker to seize control of the executable.

Debian alert: New squirrelmail packages fix problem in options page

  • Mailing list (Posted by dave on Nov 11, 2002 12:02 AM EDT)
  • Story Type: Security; Groups: Debian
The security update for Squirrelmail (DSA 191-1) unfortunately introduced a bug in the options page. This problem is fixed in version 1.2.6-1.2 the current stable distribution (woody). The unstable distribution (sid) and the old stable distribution (potato) were not affected by this. For completeness please find below the original security advisory:

Debian alert: New html2ps packages fix arbitrary code execution

  • Mailing list (Posted by dave on Nov 8, 2002 8:09 AM EDT)
  • Story Type: Security; Groups: Debian
The SuSE Security Team found a vulnerability in html2ps, a HTML to PostScript converter, that opened files based on unsanitized input insecurely. This problem can be exploited when html2ps is installed as filter within lrpng and the attacker has previously gained access to the lp account.

Mandrake alert: perl-MailTools update

A vulnerability was discovered in Mail::Mailer perl module by the SuSE security team during an audit. The vulnerability allows remote attackers to execute arbitrary commands in certain circumstances due to the usage of mailx as the default mailer, a program that allows commands to be embedded in the mail body.

Mandrake alert: nss_ldap update

A buffer overflow vulnerability exists in nss_ldap versions prior to 198. When nss_ldap is configured without a value for the "host" keyword, it attempts to configure itself using SRV records stored in DNS. nss_ldap does not check that the data returned by the DNS query will fit into an internal buffer, thus exposing it to an overflow.

Debian alert: New squirrelmail packages fix cross site scripting bugs

  • Mailing list (Posted by dave on Nov 7, 2002 7:54 AM EDT)
  • Story Type: Security; Groups: Debian
Several cross site scripting vulnerabilities have been found in squirrelmail, a feature-rich webmail package written in PHP4. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities:

Red Hat alert: Updated kerberos packages available

  • Mailing list (Posted by dave on Nov 7, 2002 7:27 AM EDT)
  • Story Type: Security; Groups: Red Hat
A remotely exploitable stack buffer overflow has been found in the Kerberos v4 compatibility administration daemon distributed with the Red Hat Linux krb5 packages.

Debian alert: buffer overflow in Window Maker

  • Mailing list (Posted by dave on Nov 7, 2002 4:11 AM EDT)
  • Story Type: Security; Groups: Debian
Al Viro found a problem in the image handling code use in Window Maker, a popular NEXTSTEP like window manager. When creating an image it would allocate a buffer by multiplying the image width and height, but did not check for an overflow. This makes it possible to overflow the buffer. This could be exploited by using specially crafted image files (for example when previewing themes).

Red Hat alert: Updated glibc packages fix vulnerabilities in resolver

  • Mailing list (Posted by dave on Nov 6, 2002 3:58 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated glibc packages are available to fix a buffer overflow in the resolver.

Debian alert: New luxman packages fix local root exploit

  • Mailing list (Posted by dave on Nov 6, 2002 8:10 AM EDT)
  • Story Type: Security; Groups: Debian
iDEFENSE reported about a vulnerability in LuxMan, a maze game for GNU/Linux, similar to the PacMan arcade game. When successfully exploited it a local attacker with read write access to the Memory, leading to a local root compromise in many ways, examples of which include scanning the file for fragments of the master password file and modifying kernel memory to re-map system calls.

Debian alert: New Apache-SSL packages fix several vulnerabilities

  • Mailing list (Posted by dave on Nov 5, 2002 5:55 AM EDT)
  • Story Type: Security; Groups: Debian
According to David Wagner, iDEFENSE and the Apache HTTP Server Project, several vulnerabilities have been found in the Apache package, a commonly used webserver. Most of the code is shared between the Apache and Apache-SSL packages, so vulnerabilities are shared as well. These vulnerabilities could allow an attacker to enact a denial of service against a server or execute a cross scripting attack, or steal cookies from other web site users. Vulnerabilities in the included lecacy programs htdigest, htpasswd and ApacheBench can be exploited when called via CGI. Additionally the insecure temporary file creation in htdigest and htpasswd can also be exploited locally. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities:

SuSE alert: perl-MailTools

  • Mailing list (Posted by dave on Nov 5, 2002 2:09 AM EDT)
  • Story Type: Security; Groups: SUSE
The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer which allows commands to be embedded in the mail body. Vulnerable to this attack are custom auto reply programs or spam filters which use Mail::Mailer directly or indirectly.

Debian alert: New Apache packages fix several vulnerabilities

  • Mailing list (Posted by dave on Nov 4, 2002 6:26 AM EDT)
  • Story Type: Security; Groups: Debian
According to David Wagner, iDEFENSE and the Apache HTTP Server Project, several remotely exploitable vulnerabilities have been found in the Apache package, a commonly used webserver. These vulnerabilities could allow an attacker to enact a denial of service against a server or execute a cross scripting attack. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities:

Debian alert: New log2mail packages fix several vulnerabilities

  • Mailing list (Posted by dave on Nov 1, 2002 6:31 AM EDT)
  • Story Type: Security; Groups: Debian
Enrico Zini discovered a buffer overflow in log2mail, a daemon for watching logfiles and sending lines with matching patterns via mail. The log2mail daemon is started upon system boot and runs as root. A specially crafted (remote) log message could overflow a static buffer, potentially leaving log2mail to execute arbitrary code as root.

Mandrake alert: mozilla update

Numerous security fixes are available in Mozilla 1.0.1. For a detailed list, refer to the "Recently fixed security issues" page on the Mozilla website (see the first reference). All users are encouraged to upgrade to this latest stable 1.0.x release of Mozilla.

Debian alert: New heimdal packages fix buffer overflows

  • Mailing list (Posted by dave on Oct 31, 2002 6:10 AM EDT)
  • Story Type: Security; Groups: Debian
A stack buffer overflow in the kadm_ser_wrap_in function in the Kerberos v4 administration server was discovered, which is provided by Heimdal as well. A working exploit for this kadmind bug is already circulating, hence it is considered serious. The roken library also contains a vulnerability which could lead to another root exploit.

SuSE alert: lprng/html2ps

  • Mailing list (Posted by dave on Oct 31, 2002 2:01 AM EDT)
  • Story Type: Security; Groups: SUSE
The lprng package contains the "runlpr" program which allows the lp user to execute the lpr program as root. Local attackers can pass certain commandline arguments to lpr running as root, fooling it to execute arbitrary commands as root. This has been fixed. Note that this vulnerability can only be exploited if the attacker has previously gained access to the lp account.

SuSE alert: syslog-ng

  • Mailing list (Posted by dave on Oct 31, 2002 1:24 AM EDT)
  • Story Type: Security; Groups: SUSE
The syslog-ng package is a portable syslog implementation which can be used as syslogd replacement. Syslog-ng contained buffer overflows in its macro expansion routines. These overflows could be triggered by remote attackers if certain configuration options were enabled. Syslog-ng is not used by default on SuSE Linux, and even if installed, the problematic options are not enabled by default. We recommend an update of the syslog-ng package nevertheless if you use syslog-ng for logging. To be sure the update takes effect you have to restart the daemon by issuing the following command as root:

« Previous ( 1 ... 7422 7423 7424 7425 7426 7427 7428 7429 7430 7431 7432 ... 7469 ) Next »