Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7422 7423 7424 7425 7426 7427 7428 7429 7430 7431 7432 ... 7439 ) Next »
Debian alert: New versions of Athena Widget replacement libraries available
It has been reported that the AsciiSrc and MultiSrc widget in the
Athena widget library handle temporary files insecurely. Joey Hess
has ported the bugfix from XFree86 to these Xaw replacements
libraries.
Debian alert: New version of Midnight Commander available
It has been reported that a local user could tweak Midnight Commander
of another user into executing a random program under the user id of
the person running Midnight Commander. This behaviour has been fixed
by Andrew V. Samoilov.
Debian alert: New version of man2html available
It has been reported that one can tweak man2html remotely into
consuming all available memory. This has been fixed by Nicolás
Lichtmaier with help of Stephan Kulow.
Debian alert: New version of ePerl packages available
Fumitoshi Ukai and Denis Barbier have found several potential buffer
overflow bugs in our version of ePerl as distributed in all of our
distributions.
Debian alert: New versions of analog available
The author of analog, Stephen Turner, has found a buffer overflow bug
in all versions of analog except of version 4.16. A malicious user
could use an ALIAS command to construct very long strings which were
not checked for length and boundaries. This bug is particularly
dangerous if the form interface (which allows unknown users to run the
program via a CGI script) has been installed. There doesn't seem to
be a known exploit.
Debian alert: proftp runs as root, /var symlink removal
The following problems have been reported for the version of proftpd in
Debian 2.2 (potato):
Debian alert: New sudo packages for powerpc available
Todd Miller announced a new version of sudo which corrects a buffer
overflow that could potentially be used to gain root privilages on the
local system. This bugfix has been backported to the version which
was used in Debian GNU/Linux 2.2.
Debian alert: New proftpd packages for m68k available
In Debian Security Advisory DSA 029-1 we have reported several
vulnerabilities in proftpd that have been fixed. For details please
read the main advisory. This upload fixes:
Debian alert: New mgetty packages for m68k and powerpc available
In Debian Security Advisory DSA 011-1 we have reported insecure
creation of temporary files in the mgetty package that have been
fixed. For details please read the main advisory.
SuSE alert: cups
CUPS is an implementation of the Internet Printing Protocol (IPP) and is used as an alternative to the lpr and LPRng packages. The CUPS package aims to be a comprehensive printing solution for UN*X-systems. In SuSE-7.1 distribution, the cups package is not used by any configuration utilities unless the admin has decided to configure the package manually. The cups package has been introduced in the SuSE-7.1 distribution; enhanced support for future releases of the SuSE Linux distribution is planned. A SuSE-internal security audit conducted by Sebastian Krahmer and Thomas Biege revealed several overflows as well as insecure file handling. These bugs have been fixed by adding length-checks and securing the file-access. For a temporary workaround, remove the suid-bit from the 'lppasswd' program. Make sure nobody from outside your network can access the CUPS-server running on port 631. Allowing access to this port from outside is a bad idea regardless whether or not the used version is vulnerable.
Red Hat alert: Updated joe packages are available for Red Hat Linux 5.2, 6.x and 7.
Updated joe packages are available for Red Hat Linux 5.2, 6.x and 7.
Debian alert: New version of sudo released
Todd Miller announced a new version of sudo which corrects a buffer
overflow that could potentially be used to gain root privilages on the
local system. The fix from sudo 1.6.3p6 is available in sudo
1.6.2p2-1potato1 for Debian 2.2 (potato).
Red Hat alert: New Zope packages are available
New Zope packages are available which fix numerous security
vulnerabilities.
Slackware alert: buffer overflow in sudo fixed
Sudo 1.6.3p6 is now available for Slackware 7.1 and Slackware -current.
This release fixes a known buffer overflow, which could be used by
malicious users to compromise parts of the system. If you rely on Sudo
and use one of the above versions of Slackware, it is recommended that you
upgrade to the new sudo.tgz package for the version you're running.
Red Hat alert: Updated analog packages are available
Updated analog packages are available which fix a buffer overflow
vulnerability.
Red Hat alert: New vixie-cron packages available
New vixie-cron packages are available that fix a buffer overflow
in the 'crontab' command; this could allow certain users to
gain elevated privileges.
It is recommended that all users update to the fixed packages.
Users of Red Hat Linux 6.0 or 6.1 should use the packages for
Red Hat Linux 6.
SuSE alert: ssh
SuSE distributions contain the ssh package in the version 1.2.27. No later version is provided because of licensing issues. SuSE maintains the 1.2.27 version in a patched package. Three new patches have been added that workaround three independent security problems in the ssh package: a) SSHD-1 Logging Vulnerability (discovered and published by Jose Nazario, Crimelabs). Attackers can remotely brute-force passwords without getting noticed or logged. In the ssh package from the SuSE distribution, root login is allowed, as well as password authentication. Even though brute-forcing a password may take an enormous amount of time and resources, the issue is to be taken seriously. b) SSH1 session key recovery vulnerability (by (Ariel Waissbein, Agustin Azubel) - CORE SDI, Argentina, and David Bleichenbacher). Captured encrypted ssh traffic can be decrypted with some effort by obtaining the session key for the ssh session. The added patch in our package causes the ssh daemon to generate a new server key pair upon failure of an RSA operation (please note that the patch supplied with Iván Arce on bugtraq on Wed, 7 Feb 2001 has been corrected later on!). c) In 1998, the ssh-1 protocol was found to be vulnerable to an attack where arbitrary sequences could be inserted into the ssh-1 protocol layer. The attack was called "crc32 compensation attack", and a fix was introduced (crc compensation attack detector in the ssh -v output) into the later versions of ssh. Michal Zalewski discovered that the fix in its most widely used implementation is defective. An integer overflow allows an attacker to overwrite arbitrary memory in the sshd process' address space, which potentionally results in a remote root compromise. There are easy resorts that can be offered: a) switch to openssh (please use the openssh packages on http://ftp.suse.com from the same update directories as the ssh package update URLs below indicate). openssh is a different implementation of the ssh protocol that is compatible to the protocol versions 1 and 2. Openssh Version 2.3.0 does not suffer from the problems listed above. Versions before 2.3.0 are vulnerable to other problems, so please use the updates from the update directory on the http://ftp.suse.de ftp server. See section 2) of this announcement for the md5sums of the packages. b) upgrade your ssh package from the locations described below.
SuSE alert: ssh
SuSE distributions contain the ssh package in the version 1.2.27. No later version is provided because of licensing issues. SuSE maintains the 1.2.27 version in a patched package. Three new patches have been added that workaround three independent security problems in the ssh package: a) SSHD-1 Logging Vulnerability (discovered and published by Jose Nazario, Crimelabs). Attackers can remotely brute-force passwords without getting noticed or logged. In the ssh package from the SuSE distribution, root login is allowed, as well as password authentication. Even though brute-forcing a password may take an enormous amount of time and resources, the issue is to be taken seriously. b) SSH1 session key recovery vulnerability (by (Ariel Waissbein, Agustin Azubel) - CORE SDI, Argentina, and David Bleichenbacher). Captured encrypted ssh traffic can be decrypted with some effort by obtaining the session key for the ssh session. The added patch in our package causes the ssh daemon to generate a new server key pair upon failure of an RSA operation (please note that the patch supplied with Iván Arce on bugtraq on Wed, 7 Feb 2001 has been corrected later on!). c) In 1998, the ssh-1 protocol was found to be vulnerable to an attack where arbitrary sequences could be inserted into the ssh-1 protocol layer. The attack was called "crc32 compensation attack", and a fix was introduced (crc compensation attack detector in the ssh -v output) into the later versions of ssh. Michal Zalewski discovered that the fix in its most widely used implementation is defective. An integer overflow allows an attacker to overwrite arbitrary memory in the sshd process' address space, which potentionally results in a remote root compromise. There are easy resorts that can be offered: a) switch to openssh (please use the openssh packages on http://ftp.suse.com from the same update directories as the ssh package update URLs below indicate). openssh is a different implementation of the ssh protocol that is compatible to the protocol versions 1 and 2. Openssh Version 2.3.0 does not suffer from the problems listed above. Versions before 2.3.0 are vulnerable to other problems, so please use the updates from the update directory on the http://ftp.suse.de ftp server. See section 2) of this announcement for the md5sums of the packages. b) upgrade your ssh package from the locations described below.
Debian alert: New m68k packages of XFree86 released
Several people have noted a number of problems in several components
of the X Window System sample implementation (from which XFree86 is
derived). Please read DSA 030-1 for a detailed description.
Debian alert: Multiple security problems in X
Chris Evans, Joseph S. Myers, Michal Zalewski, Alan Cox, and others have
noted a number of problems in several components of the X Window System
sample implementation (from which XFree86 is derived). While there are no
known reports of real-world malicious exploits of any of these problems, it
is nevertheless suggested that you upgrade your XFree86 packages
immediately.
« Previous ( 1 ... 7422 7423 7424 7425 7426 7427 7428 7429 7430 7431 7432 ... 7439 ) Next »