Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7434 7435 7436 7437 7438 7439 7440 7441 7442 7443 7444 ... 7468 ) Next »

Debian alert: listar buffer overflow

  • Mailing list (Posted by dave on Mar 19, 2002 6:07 AM EDT)
  • Story Type: Security; Groups: Debian
Janusz Niewiadomski and Wojciech Purczynski reported a buffer overflow in the address_match of listar (a listserv style mailing-list manager).

Red Hat alert: Vulnerability in zlib library

  • Mailing list (Posted by dave on Mar 18, 2002 6:18 AM EDT)
  • Story Type: Security; Groups: Red Hat
[Update 14 Mar 2002: Updated kernel packages for Red Hat Linux 6.2 and 7.0 which were missing the zlib fix; added missing kernel-headers package for 6.

Red Hat alert: Updated cups packages are available

  • Mailing list (Posted by dave on Mar 15, 2002 3:38 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated cups packages which fix a security problem are available.

Mandrake alert: rsync update

Ethan Benson discovered a bug in rsync where the supplementary groups that the rsync daemon runs as (such as root) would not be removed from the server process after changing to the specified unprivileged uid and gid. This seems only serious if rsync is called using "rsync --daemon" from the command line where it will inherit the group of the user starting the server (usually root). Note that, by default, Mandrake Linux uses xinetd to handle connections to the rsync daemon. This was fixed upstream in version 2.5.3, as well as the previously noted zlib fixes (see MDKSA-2002:023). The authors released 2.5.4 with some additional zlib fixes, and all users are encouraged to upgrade to this new version of rsync.

Mandrake alert: packages containing zlib update

Matthias Clasen found a security issue in zlib that, when provided with certain input, causes zlib to free an area of memory twice.

Red Hat alert: Updated secureweb packages available

  • Mailing list (Posted by dave on Mar 13, 2002 7:32 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated secureweb packages are now available for Red Hat Secure Web Server 3.2 (U.S.). These updates close a buffer overflow in mod_ssl.

Mandrake alert: packages containing zlib update

Matthias Clasen found a security issue in zlib that, when provided with certain input, causes zlib to free an area of memory twice.

Mandrake alert: zlib update

Matthias Clasen found a security issue in zlib that, when provided with certain input, causes zlib to free an area of memory twice. This "double free" bug can be used to crash any programs that take untrusted compressed input, such as web browsers, email clients, image viewing software, etc. This vulnerability can be used to perform Denial of Service attacks and, quite possibly, the execution of arbitrary code on the affected system. MandrakeSoft has published two advisories concerning this incident: MDKSA-2002:022 - zlib MDKSA-2002:023 - packages containing zlib The second advisory contains additional packages that bring their own copies of the zlib source, and as such need to be fixed and rebuilt. Updating the zlib library is sufficient to protect those programs that use the system zlib, but the packages as noted in MDKSA-2002:023 will need to be updated for those packages that do not use the system zlib.

Slackware alert: cvs recompiled against updated zlib + /tmp fix

New cvs packages are available to fix security problems.

Slackware alert: rsync update fixes security problems

New rsync packages are available to fix security problems.

Slackware alert: zlib upgrade fixes vulnerability

New zlib packages are available to fix a security problem which may impact programs that link with zlib.

Debian alert: New zlib & other packages fix buffer overflow

  • Mailing list (Posted by dave on Mar 11, 2002 11:43 AM EDT)
  • Story Type: Security; Groups: Debian
The compression library zlib has a flaw in which it attempts to free memory more than once under certain conditions. This can possibly be exploited to run arbitrary code in a program that includes zlib. If a network application running as root is linked to zlib, this could potentially lead to a remote root compromise. No exploits are known at this time. This vulnerability is assigned the CVE candidate name of CAN-2002-0059.

SuSE alert: packages containing libz/zlib

  • Mailing list (Posted by dave on Mar 11, 2002 11:07 AM EDT)
  • Story Type: Security; Groups: SUSE
This is the second announcement in the tandem-announcement about libz/zlib. SuSE Security Announcement SuSE-SA:2002:010 (libz/zlib) has been released prior to this announcement (SuSE-SA:2002:011). Please see SuSE-SA:2002:010 for details on the libz weakness. The two announcements SuSE-SA:2002:010 and SuSE-SA:2002:011 are being published in quick succession.

SuSE alert: libz/zlib

  • Mailing list (Posted by dave on Mar 11, 2002 11:00 AM EDT)
  • Story Type: Security; Groups: SUSE
The zlib compression library is being used by many applications to provide data compression/decompression routines. An error in a decompression routine can corrupt the internal data structures of malloc by a double call to the free() function. If the data processed by the compression library is provided from an untrusted source, it may be possible for an attacker to interfere with the process using the zlib routines. The attack scenario includes a denial of service attack and memory/data disclosure, but it may also be possible to insert arbitrary code into the running program and to execute this code. This update fixes the known problems in the libz/zlib as a permanent fix. There exists no temporary workaround that can efficiently remedy the problem.

Red Hat alert: Vulnerability in zlib library

  • Mailing list (Posted by dave on Mar 11, 2002 9:17 AM EDT)
  • Story Type: Security; Groups: Red Hat
The zlib library provides in-memory compression/decompression functions. The library is widely used throughout Linux and other operating systems. While performing tests on the gdk-pixbuf library, Matthias Clasen created an invalid PNG image that caused libpng to crash. Upon further investigation, this turned out to be a bug in zlib 1.1.3 where certain types of input will cause zlib to free the same area of memory twice (called a "double free"). This bug can be used to crash any program that takes untrusted compressed input. Web browsers or email programs that display image attachments or other programs that uncompress data are particularly affected. This vulnerability makes it easy to perform various denial-of-service attacks against such programs. It is also possible that an attacker could manage a more significant exploit, since the result of a double free is the corruption of the malloc() implementation's data structures. This could include running arbitrary code on local or remote systems. Most packages in Red Hat Linux use the shared zlib library and can be protected against vulnerability by updating to the errata zlib package. However, we have identified a number of packages in Red Hat Linux that either statically link to zlib or contain an internal version of zlib code. Although no exploits for this issue or these packages are currently known to exist, this is a serious vulnerability which could be locally or remotely exploited. All users should upgrade affected packages immediately. Additionally, if you have any programs that you have compiled yourself, you should check to see if they use zlib. If they link to the shared zlib library then they will not be vulnerable once the shared zlib library is updated to the errata package. However, if any programs that decompress arbitrary data statically link to zlib or use their own version of the zlib code internally, then they need to be patched or recompiled.

Red Hat alert: Vulnerability in zlib library (powertools)

  • Mailing list (Posted by dave on Mar 11, 2002 9:16 AM EDT)
  • Story Type: Security; Groups: Red Hat
The zlib compression library provides in-memory compression and decompression functions. It is widely used throughout Linux and other operating systems. While performing tests on the gdk-pixbuf library, Matthias Clasen created an invalid PNG image that caused libpng to crash. Upon further investigation, this turned out to be a bug in zlib 1.1.3. Certain input will cause zlib to free an area of memory twice (also called a "double free"). This bug can be used to crash any program that takes untrusted compressed input. Web browsers or email programs that display image attachments or other programs that uncompress data are particularly affected. This vulnerability makes it easy to perform various denial-of-service attacks against such programs. However, since the result of a double free is the corruption of the malloc implementation's data structures, it is possible that an attacker could manage a more significant exploit, such as running arbitrary code on the affected system.

Debian alert: New xtell packages fix several vulnerabilities

  • Mailing list (Posted by dave on Mar 11, 2002 8:34 AM EDT)
  • Story Type: Security; Groups: Debian
Several security related problems have been found in the xtell package, a simple messaging client and server. In detail, these problems contain several buffer overflows, a problem in connection with symbolic links, unauthorized directory traversal when the path contains "..". These problems could lead into an attacker being able to execute arbitrary code on the server machine. The server runs with nobody privileges by default, so this would be the account to be exploited.

Debian alert: New mod_ssl and Apache/SSL packages fix buffer overflow

  • Mailing list (Posted by dave on Mar 10, 2002 1:44 PM EDT)
  • Story Type: Security; Groups: Debian
Ed Moyle recently found a buffer overflow in Apache-SSL and mod_ssl. With session caching enabled, mod_ssl will serialize SSL session variables to store them for later use. These variables were stored in a buffer of a fixed size without proper boundary checks.

Debian alert: ssh channel bug

  • Mailing list (Posted by dave on Mar 8, 2002 11:35 AM EDT)
  • Story Type: Security; Groups: Debian
Joost Pol <joost@pine.nl> reports that OpenSSH versions 2.0 through 3.0.2 have an off-by-one bug in the channel allocation code. This vulnerability can be exploited by authenticated users to gain root privilege or by a malicious server exploiting a client with this bug.

Red Hat alert: Updated openssh packages available

  • Mailing list (Posted by dave on Mar 8, 2002 8:19 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated openssh packages are now available for Red Hat Linux 7, 7.1, and 7.2 which close a remotely-exploitable vulnerability in sshd.

« Previous ( 1 ... 7434 7435 7436 7437 7438 7439 7440 7441 7442 7443 7444 ... 7468 ) Next »