Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7437 7438 7439 7440 7441 7442 7443 7444 7445 7446 7447 ... 7468 ) Next »

Mandrake alert: ucd-snmp update

The Oulu University Secure Programming Group (OUSPG) has identified numerous vulnerabilities in multiple vendor SNMPv1 implementations. These vulnerabilities may allow unauthorized privileged access, denial of service attacks, or unstable behaviour.

Debian alert: Multiple SNMP vulnerabilities

  • Mailing list (Posted by dave on Feb 14, 2002 9:15 AM EDT)
  • Story Type: Security; Groups: Debian
The Secure Programming Group of the Oulu University did a study on SNMP implementations and uncovered multiple problems which can cause problems ranging from Denial of Service attacks to remote exploits.

Debian alert: New CUPS packages fix buffer overflow

  • Mailing list (Posted by dave on Feb 13, 2002 9:59 AM EDT)
  • Story Type: Security; Groups: Debian
The authors of CUPS, the Common UNIX Printing System, have found a potential buffer overflow bug in the code of the CUPS daemon where it reads the names of attributes. This affects all versions of CUPS.

Debian alert: New Faq-O-Matic packages fix cross-site scripting vulnerability

  • Mailing list (Posted by dave on Feb 13, 2002 3:09 AM EDT)
  • Story Type: Security; Groups: Debian
Due to unescaped HTML code Faq-O-Matic returned unverified scripting code to the browser. With some tweaking this enables an attacker to steal cookies from one of the Faq-O-Matic moderators or the admin.

Red Hat alert: Updated ucd-snmp packages available

  • Mailing list (Posted by dave on Feb 12, 2002 1:36 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated ucd-snmp packages are now available for Red Hat Linux 6.2, 7, 7.1, and 7.

Mandrake alert: openldap update

A problem exists in all versions of OpenLDAP from 2.0.0 through 2.0.19 where permissions are not properly checked using access control lists when a user tries to remove an attribute from an object in the directory by replacing it's values with an empty list. Schema checking is still enforced, so a user can only remove attributes that the schema does not require the object to possess.

Debian alert: New UUCP packages finally fix uucp uid/gid access

  • Mailing list (Posted by dave on Feb 8, 2002 1:28 AM EDT)
  • Story Type: Security; Groups: Debian
Zenith Parsec discovered a security hole in Taylor UUCP 1.06.1. It permits a local user to copy any file to anywhere which is writable by the uucp uid, which effectively means that a local user can completely subvert the UUCP subsystem, including stealing mail, etc.

Mandrake alert: groff update

zen-parse discovered an exploitable buffer overflow in groff's preprocessor. If groff is invoked using the LPRng printing system, an attacker can gain rights as the "lp" user. Likewise, this may be remotely exploitable if lpd is running and remotely accessible and the attacker knows the name of the printer and it's spool file.

Red Hat alert: Updated at package available

  • Mailing list (Posted by dave on Feb 7, 2002 2:10 PM EDT)
  • Story Type: Security; Groups: Red Hat
This updated at package fixes two minor problems and one major problem where the environment can get wiped out prior to the execution of a scheduled command. For versions of Red Hat Linux prior to 7.2, this package also fixes a potential security vulnerability which can result in heap corruption (Red Hat Linux 7.2 is not vulnerable to this security exploit). Update 2002-02-01: The package for Red Hat Linux 6.2 tried to source a file in /etc/init.d, which doesn't exist on a standard system.

Debian alert: New wmtv packages fix symlink vulnerability

  • Mailing list (Posted by dave on Feb 7, 2002 11:24 AM EDT)
  • Story Type: Security; Groups: Debian
Nicolas Boullis found some security problems in the wmtv package (a dockable video4linux TV player for windowmaker) which is distributed in Debian GNU/Linux 2.2. With the current version of wmtv, the configuration file is written back as the superuser, and without any further checks. A mailicious user might use that to damage important files

Red Hat alert: New telnet packages available to fix buffer overflow vulnerabilities

  • Mailing list (Posted by dave on Feb 7, 2002 10:58 AM EDT)
  • Story Type: Security; Groups: Red Hat
New telnet, telnet-server packages are available for Red Hat Linux 5.2, 6.2, 7.0 and 7.1. These packages fix a problem where buffer overflows can provide root access to local users. It is recommended that all users update to the fixed packages. [2002-02-06] New packages are available for Red Hat Linux 7.0 and 7.1. These fix issues when upgrading from the errata telnet packages released for previous releases. No code changes are involved.

Debian alert: updated rsync fix

  • Mailing list (Posted by dave on Feb 3, 2002 5:50 AM EDT)
  • Story Type: Security; Groups: Debian
In Debian Security Advisory DSA-106-1 we reported a exploitable problem in rsync. For details please see that advisory.

Mandrake alert: gzip update

There are two problems with the gzip archiving program; the first is a crash when an input file name is over 1020 characters, and the second is a buffer overflow that could be exploited if gzip is run on a server such as an FTP server. The patch applied is from the gzip developers and the problems have been fixed in the latest beta.

Red Hat alert: New rsync packages available

  • Mailing list (Posted by dave on Jan 30, 2002 12:10 PM EDT)
  • Story Type: Security; Groups: Red Hat
New rsync packages are available; these fix a remotely exploitable problem in the I/O functions. These include the security patch from the recently released rsync-

Debian alert: New jgroff packages fix printf format problem

  • Mailing list (Posted by dave on Jan 30, 2002 8:20 AM EDT)
  • Story Type: Security; Groups: Debian
Basically, this is the same Security Advisory as DSA 072-1, but for jgroff instead of groff. The package jgroff contains a version derived from groff that has japaneze character sets enabled. This package is available only in the stable release of Debian, patches for japanese support have been merged into the main groff package.

Mandrake alert: enscript update

The enscript program does not create temporary files in a secure fashion and as such could be abused if enscript is run as root.

Mandrake alert: rsync update

Sebastian Krahmer of the SuSE Security Team performed an audit on the rsync tool and discovered that in several places signed and unsigned numbers were mixed, with the end result being insecure code. These flaws could be abused by remote users to write 0 bytes into rsync's memory and trick rsync into executing arbitrary code on the server. It is recommended that all Mandrake Linux users update rsync immediately. As well, rsync server administrators should seriously consider making use of the "use chroot", "read only", and "uid" options as these can significantly reduce the impact that security problems in rsync (or elsewhere) have on the server.

Debian alert: rsync remote exploit

  • Mailing list (Posted by dave on Jan 25, 2002 4:29 PM EDT)
  • Story Type: Security; Groups: Debian
Sebastian Krahmer found several places in rsync (a popular tool to synchronise files between machines) where signed and unsigned numbers were mixed which resulted in insecure code. This could be abused by remote users to write 0-bytes in rsync's memory and trick rsync into executing arbitrary code.

SuSE alert: rsync

  • Mailing list (Posted by dave on Jan 25, 2002 7:01 AM EDT)
  • Story Type: Security; Groups: SUSE
The rsync program allows users and administrators to synchronize files and whole directory structures on different machines. It is common practise to allow remote users to mirror ftp servers via anonymous rsync access. There exist several signedness bugs within the rsync program which allow remote attackers to write 0-bytes to almost arbitrary stack-locations, therefore being able to control the programflow and obtaining a shell remotely. These bugs have been fixed.

Red Hat alert: Updated 2.4 kernel available

  • Mailing list (Posted by dave on Jan 23, 2002 6:56 PM EDT)
  • Story Type: Security; Groups: Red Hat
A security vunlerability in the Linux CIPE (VPN tunnel) implementation has been fixed.

« Previous ( 1 ... 7437 7438 7439 7440 7441 7442 7443 7444 7445 7446 7447 ... 7468 ) Next »