LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Closed Thread
 
Search this Thread
Old 04-10-2005, 07:58 PM   #1
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
LQ Security Report - April 10th 2005


April 5th 2005
19 issues handled (SF)
1. Linux Kernel Bluetooth Signed Buffer Index Vulnerability
2. Multiple Vendor Telnet Client LINEMODE Sub-Options Remote Bu...
3. Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer ...
4. Midnight Commander Insert_Text Buffer Overflow Vulnerability
5. Linux Kernel EXT2 File System Information Leak Vulnerability
6. Sylpheed MIME-Encoded Attachment Name Buffer Overflow Vulner...
7. Linux Kernel Elf Binary Loading Local Denial of Service Vuln...
8. Mailreader Remote HTML Injection Vulnerability
9. YepYep MTFTPD Remote CWD Argument Format String Vulnerabilit...
10. Linux Kernel File Lock Local Denial Of Service Vulnerability
11. GDK-Pixbuf BMP Image Processing Double Free Remote Denial of...
12. PAFileDB ID Parameter Cross-Site Scripting Vulnerability
13. BZip2 CHMod File Permission Modification Race Condition Weak...
14. Linux Kernel Futex Local Deadlock Denial Of Service Vulnerab...
15. PHP Group PHP Image File Format Remote Denial Of Service Vul...
16. PHP Group PHP Remote JPEG File Format Remote Denial Of Servi...
17. BakBone NetVault Configure.CFG Local Buffer Overflow Vulnera...
18. BakBone NetVault Remote Heap Overflow Vulnerability
19. Linux Kernel TmpFS Driver Local Denial Of Service Vulnerabil...

April 7th 2005
46 issues handled (SN)
[SA14819] Red Hat update for tetex
[SA14816] Debian update for imagemagick
[SA14807] SGI Advanced Linux Environment Multiple Updates
[SA14806] Gentoo update for sylpheed / sylpheed-claws
[SA14800] Mandrake update for ImageMagick
[SA14791] teTeX Multiple Image Decoder Parsing Vulnerabilities
[SA14855] Ubuntu update for libapache2-mod-php4/php4-cgi
[SA14845] Red Hat update for curl
[SA14830] Gentoo update for dnsmasq
[SA14828] Slackware update for php
[SA14817] Debian update for krb5
[SA14805] Gentoo update for telnet-bsd
[SA14798] Ubuntu update for kernel
[SA14797] SUSE update for ipsec-tools
[SA14796] Mandrake update for libexif
[SA14794] Mandrake update for ipsec-tools
[SA14792] PHP Multiple Vulnerabilities
[SA14856] AIX Unspecified NIS Client System Compromise Vulnerability
[SA14826] Debian update for remstats
[SA14810] remstats Insecure Temporary File Creation and Arbitrary Command Execution
[SA14834] Debian update for wu-ftpd
[SA14803] Mandrake update for grip
[SA14799] phpMyAdmin "convcharset" Cross-Site Scripting Vulnerability
[SA14795] Mandrake update for htdig
[SA14847] Fedora update for mysql
[SA14846] Red Hat update for mysql-server
[SA14822] Conectiva update for mysql
[SA14842] FreeBSD sendfile Kernel Memory Disclosure Vulnerability
[SA14840] Trustix update for kernel
[SA14836] SCO OpenServer nwclient Privilege Escalation Vulnerability
[SA14835] SUSE update for kernel
[SA14827] FreeBSD amd64 Direct Hardware Access Security Issue
[SA14850] Fedora update for gaim
[SA14849] Ubuntu update for gaim
[SA14844] Red Hat update for gdk-pixbuf
[SA14838] Ubuntu update for libgdk-pixbuf2/libgtk2.0-0
[SA14818] Red Hat update for gtk2
[SA14815] Gaim Multiple Denial of Service Weaknesses
[SA14824] Ubuntu update for unshar
[SA14802] AlstraSoft EPay Pro Cross-Site Scripting and Arbitrary File Inclusion
[SA14814] BakBone NetVault Buffer Overflow Vulnerabilities
[SA14832] PayProCart Multiple Vulnerabilities
[SA14821] Mozilla Suite JavaScript Engine Information Disclosure Vulnerability
[SA14820] Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability
[SA14804] Netscape JavaScript Engine Information Disclosure Vulnerability
[SA14793] MX Shop / MX Kart SQL Injection Vulnerabilities
 
Old 04-10-2005, 07:59 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Original Poster
Rep: Reputation: 57
April 5th 2005 (SF)

Security Focus

1. Linux Kernel Bluetooth Signed Buffer Index Vulnerability
BugTraq ID: 12911
Remote: No
Date Published: Mar 28 2005
Relevant URL: http://www.securityfocus.com/bid/12911
Summary:
A local signed buffer index vulnerability affects the Linux kernel. This issue is due to a failure of the affected kernel to securely handle signed values when validating memory indexes. This issue may be leverage by a local attacker to gain escalated privileges on an affected computer.

2. Multiple Vendor Telnet Client LINEMODE Sub-Options Remote Bu...
BugTraq ID: 12918
Remote: Yes
Date Published: Mar 28 2005
Relevant URL: http://www.securityfocus.com/bid/12918
Summary:
A remote buffer overflow vulnerability affects Multiple vendor's Telnet client. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

3. Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer ...
BugTraq ID: 12919
Remote: Yes
Date Published: Mar 28 2005
Relevant URL: http://www.securityfocus.com/bid/12919
Summary:
Multiple vendor's Telnet client applications are reported prone to a remote buffer overflow vulnerability. It is reported that the vulnerability exists in a function 'env_opt_add()' in the 'telnet.c' source file, which is apparently common source for all of the affected vendors. A remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server.

4. Midnight Commander Insert_Text Buffer Overflow Vulnerability
BugTraq ID: 12928
Remote: No
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12928
Summary:
A buffer overflow vulnerability exists in Midnight Commander. The vulnerability is caused by insufficient bounds checking of external data supplied to the 'insert_text()' function. This issue may allow local attackers to execute arbitrary code in the context of another user.

5. Linux Kernel EXT2 File System Information Leak Vulnerability
BugTraq ID: 12932
Remote: No
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12932
Summary:
The Linux kernel EXT2 filesystem handling code is reported prone to a local information leakage vulnerability. This issue may be leveraged by a local attacker to gain access to potential sensitive kernel memory. Information gained in this way may lead to further attacks against the affected computer.

6. Sylpheed MIME-Encoded Attachment Name Buffer Overflow Vulner...
BugTraq ID: 12934
Remote: Yes
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12934
Summary:
Sylpheed is prone to a buffer overflow when handling email attachments with MIME-encoded file names. Succesful exploitation may allow arbitrary code execution in the security context of the application.

7. Linux Kernel Elf Binary Loading Local Denial of Service Vuln...
BugTraq ID: 12935
Remote: No
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12935
Summary:
Linux Kernel is prone to a potential local denial of service vulnerability. It is reported that issue exists in the 'load_elf_library' function. Linux Kernel 2.6.11.5 and prior versions are affected by this issue.

8. Mailreader Remote HTML Injection Vulnerability
BugTraq ID: 12945
Remote: Yes
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12945
Summary:
A remote HTML injection vulnerability affects Mailreader. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

9. YepYep MTFTPD Remote CWD Argument Format String Vulnerabilit...
BugTraq ID: 12947
Remote: Yes
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12947
Summary:
mtftpd is reported prone to a remote format string vulnerability. Reports indicate that this issue may be exploited by a remote authenticated attacker to execute arbitrary code in the context of the vulnerable service. This vulnerability is reported to affect mtftpd versions up to an including version 0.0.3.

10. Linux Kernel File Lock Local Denial Of Service Vulnerability
BugTraq ID: 12949
Remote: No
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12949
Summary:
A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks. An attacker may leverage this issue to crash or hang the affected kernel and deny service to legitimate users. It should be noted that Symantec has been unable to reproduce this issue after testing. It is possible that this vulnerability is linked to the reporter's specific configuration. More information will be added as it becomes available.

11. GDK-Pixbuf BMP Image Processing Double Free Remote Denial of...
BugTraq ID: 12950
Remote: Yes
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12950
Summary:
gdk-pixbuf library is reported prone to a denial of service vulnerability. This issue arises due to a double free condition. It is reported that this vulnerability presents itself when an application that is linked against the library handles malformed Bitmap (.bmp) image files. A successful attack may result in a denial of service condition. It is not confirmed whether this vulnerability could be leveraged to execute arbitrary code. gdk-pixbuf 0.22.0 and gtk2 2.4.14 packages are known to be vulnerable to this issue. It is likely that other versions are affected as well. This BID will be updated when more information becomes available.

12. PAFileDB ID Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 12952
Remote: Yes
Date Published: Mar 31 2005
Relevant URL: http://www.securityfocus.com/bid/12952
Summary:
paFileDB is reported prone to a cross-site scripting vulnerability. The vulnerability presents itself when an attacker supplies malicious HTML and script code through the 'id' parameter. This may allow for theft of cookie-based authentication credentials or other attacks. paFileDB 3.1 and prior versions are affected by this vulnerability. This issue may be related to BID 12788 (PAFileDB Multiple SQL Injection And Cross-Site Scripting Vulnerabilities) and BID 12758 (PHP Arena PAFileDB Multiple Remote Cross Site Scripting Vulnerabilities). This BID will be retired or updated upon further analysis.

13. BZip2 CHMod File Permission Modification Race Condition Weak...
BugTraq ID: 12954
Remote: No
Date Published: Mar 31 2005
Relevant URL: http://www.securityfocus.com/bid/12954
Summary:
bzip2 is reported prone to a security weakness, the issue is only present when an archive is extracted into a world or group writeable directory. It is reported that bzip2 employs non-atomic procedures to write a file and later change the permissions on the newly extracted file. A local attacker may leverage this issue to modify file permissions of target files. This weakness is reported to affect bzip2 version 1.0.2 and previous versions.

14. Linux Kernel Futex Local Deadlock Denial Of Service Vulnerab...
BugTraq ID: 12959
Remote: No
Date Published: Mar 31 2005
Relevant URL: http://www.securityfocus.com/bid/12959
Summary:
The Linux kernel futex functions are reported prone to a local denial of service vulnerability. The issue is reported to manifest because several unspecified futex functions perform 'get_user()' calls and at the same time hold mmap_sem for reading purposes. A local attacker may potentially leverage this issue to trigger a kernel deadlock and potentially deny service for legitimate users. This vulnerability is reported to exist in the 2.6 Linux kernel tree.

15. PHP Group PHP Image File Format Remote Denial Of Service Vul...
BugTraq ID: 12962
Remote: Yes
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12962
Summary:
A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously formed Image Format File (IFF) image files. It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images. An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.

16. PHP Group PHP Remote JPEG File Format Remote Denial Of Servi...
BugTraq ID: 12963
Remote: Yes
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12963
Summary:
A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously crafted JPEG image files. It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images. An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.

17. BakBone NetVault Configure.CFG Local Buffer Overflow Vulnera...
BugTraq ID: 12966
Remote: No
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12966
Summary:
NetVault is reported prone to a local buffer overflow vulnerability. It is reported that a local attacker can exploit this vulnerability by supplying excessive data through a variable in the 'configure.cfg' file. A successful attack can allow local attackers to execute arbitrary code on a vulnerable computer to gain elevated privileges. This issue has been confirmed in NetVault 7 packages running on Windows platforms. Other versions of NetVault running on different platforms may be affected as well.

18. BakBone NetVault Remote Heap Overflow Vulnerability
BugTraq ID: 12967
Remote: Yes
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12967
Summary:
NetVault is reported prone to a remote heap overflow vulnerability. A successful attack can allow remote attackers to execute arbitrary code on a vulnerable computer to gain unauthorized access. This issue has been confirmed in NetVault 7 packages running on Windows platforms. Other versions of NetVault running on different platforms may be affected as well.

19. Linux Kernel TmpFS Driver Local Denial Of Service Vulnerabil...
BugTraq ID: 12970
Remote: No
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12970
Summary:
The Linux kernel is reported prone to a local denial of service vulnerability. The issue is reported to exist in the Linux kernel tmpfs driver, and is because of a lack of sanitization performed on the address argument of 'shm_nopage()'.
 
Old 04-10-2005, 08:00 PM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Original Poster
Rep: Reputation: 57
April 7th 2005 (SN)

Secunia

[SA14819] Red Hat update for tetex
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-04-04
Red Hat has issued an update for tetex. This fixes multiple
vulnerabilities, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14819/

[SA14816] Debian update for imagemagick
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-04-04
Debian has issued an update for imagemagick. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14816/

[SA14807] SGI Advanced Linux Environment Multiple Updates
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Spoofing, DoS,
System access
Released: 2005-04-06
SGI has issued a patch for SGI Advanced Linux Environment. This fixes
multiple vulnerabilities, which can be exploited by malicious people to
bypass certain security restrictions, conduct cross-site scripting and
spoofing attacks, cause a DoS (Denial of Service), and compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/14807/

[SA14806] Gentoo update for sylpheed / sylpheed-claws
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-04-04
Gentoo has issued updates for sylpheed and sylpheed-claws. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14806/

[SA14800] Mandrake update for ImageMagick
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-04-04
MandrakeSoft has issued an update for ImageMagick. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14800/

[SA14791] teTeX Multiple Image Decoder Parsing Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-04-04
Some vulnerabilities have been reported in tetex, which potentially can
be exploited by malicious people to cause a DoS (Denial of Service) or
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14791/

[SA14855] Ubuntu update for libapache2-mod-php4/php4-cgi
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Ubuntu has issued updates for libapache2-mod-php4 and php4-cgi. These
fix two vulnerabilities, which can be exploited by malicious people to
cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14855/

[SA14845] Red Hat update for curl
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-04-06
Red Hat has issued an update for curl. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/14845/

[SA14830] Gentoo update for dnsmasq
Critical: Moderately critical
Where: From remote
Impact: Spoofing, Manipulation of data, DoS
Released: 2005-04-05
Gentoo has issued an update for dnsmasq. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/14830/

[SA14828] Slackware update for php
Critical: Moderately critical
Where: From remote
Impact: Unknown, DoS
Released: 2005-04-06
Slackware has issued an update for php. This fixes some
vulnerabilities, where some have an unknown impact and others can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14828/

[SA14817] Debian update for krb5
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-04-04
Debian has issued an update for krb5. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/14817/

[SA14805] Gentoo update for telnet-bsd
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-04-04
Gentoo has issued an update for telnet-bsd. This fixes two
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14805/

[SA14798] Ubuntu update for kernel
Critical: Moderately critical
Where: From remote
Impact: Hijacking, Exposure of system information, Exposure of
sensitive information, Privilege escalation, DoS, System access
Released: 2005-04-04
Ubuntu has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited to disclose information, cause
a DoS (Denial of Service), gain escalated privileges, or potentially
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14798/

[SA14797] SUSE update for ipsec-tools
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-04-01
SUSE has issued an update for ipsec-tools. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/14797/

[SA14796] Mandrake update for libexif
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-04-01
Mandrakesoft has issued an update for libexif. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14796/

[SA14794] Mandrake update for ipsec-tools
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-04-01
MandrakeSoft has issued an update for ipsec-tools. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14794/

[SA14792] PHP Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown, DoS
Released: 2005-04-01
Multiple vulnerabilities have been reported in PHP, where some have an
unknown impact and others can be exploited by malicious people to cause
a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14792/

[SA14856] AIX Unspecified NIS Client System Compromise Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-06
A vulnerability has been reported in AIX, which can be exploited by
malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14856/

[SA14826] Debian update for remstats
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-05
Debian has issued an update for remstats. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges and by malicious people to potentially compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/14826/

[SA14810] remstats Insecure Temporary File Creation and Arbitrary Command Execution
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-05
Jens Steube has reported two vulnerabilities in remstats, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges, and by malicious people to
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14810/

[SA14834] Debian update for wu-ftpd
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-04-05
Debian has issued an update for wu-ftpd. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14834/

[SA14803] Mandrake update for grip
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-04-04
MandrakeSoft has issued an update for grip. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/14803/

[SA14799] phpMyAdmin "convcharset" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-04-04
Oriol Torrent Santiago has reported a vulnerability in phpMyAdmin,
allowing malicious people to conduct cross-site scripting attack.
Full Advisory:
http://secunia.com/advisories/14799/

[SA14795] Mandrake update for htdig
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-04-01
Mandrakesoft has issued an update for htdig. This fixes a
vulnerability, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/14795/

[SA14847] Fedora update for mysql
Critical: Less critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-06
Fedora has issued an update for mysql. This fixes two vulnerabilities,
which potentially can be exploited by malicious users to compromise a
vulnerable system and by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/14847/

[SA14846] Red Hat update for mysql-server
Critical: Less critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-06
Red Hat has issued an update for mysql-server. This fixes two
vulnerabilities, which potentially can be exploited by malicious users
to compromise a vulnerable system and by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14846/

[SA14822] Conectiva update for mysql
Critical: Less critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-05
Conectiva has issued an update for mysql. This fixes two
vulnerabilities, which potentially can be exploited by malicious users
to compromise a vulnerable system and by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14822/

[SA14842] FreeBSD sendfile Kernel Memory Disclosure Vulnerability
Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2005-04-06
Sven Berkvens and Marc Olzheim have reported a vulnerability in
FreeBSD, which can be exploited by malicious, local users to gain
knowledge of sensitive information.
Full Advisory:
http://secunia.com/advisories/14842/

[SA14840] Trustix update for kernel
Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information, Privilege escalation, DoS
Released: 2005-04-06
Trustix has issued an update for kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious, local users to
disclose information, cause a DoS (Denial of Service), or gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/14840/

[SA14836] SCO OpenServer nwclient Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-04-06
Pasquale Minervini has reported a vulnerability in SCO OpenServer,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14836/

[SA14835] SUSE update for kernel
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-04-05
SUSE has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14835/

[SA14827] FreeBSD amd64 Direct Hardware Access Security Issue
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-04-06
Jari Kirma has reported a security issue in FreeBSD, which can be
exploited by malicious, local users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/14827/

[SA14850] Fedora update for gaim
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Fedora has issued an update for gaim. This fixes three weaknesses,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/14850/

[SA14849] Ubuntu update for gaim
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Ubuntu has issued an update for gaim. This fixes two weaknesses, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/14849/

[SA14844] Red Hat update for gdk-pixbuf
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Red Hat has issued an update for gdk-pixbuf. This fixes a
vulnerability, which can be exploited by malicious people to crash
certain applications on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14844/

[SA14838] Ubuntu update for libgdk-pixbuf2/libgtk2.0-0
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Ubuntu has issued updates for libgdk-pixbuf2 and libgtk2.0-0. These fix
a vulnerability, which can be exploited by malicious people to crash
certain applications on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14838/

[SA14818] Red Hat update for gtk2
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-04
Red Hat has issued an update for gtk2. This fixes a vulnerability,
which can be exploited by malicious people to crash certain
applications on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14818/

[SA14815] Gaim Multiple Denial of Service Weaknesses
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Three weaknesses have been reported in Gaim, which can be exploited by
malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14815/

[SA14824] Ubuntu update for unshar
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-04-05
Ubuntu has issued an update for unshar. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to conduct
certain actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/14824/

[SA14802] AlstraSoft EPay Pro Cross-Site Scripting and Arbitrary File Inclusion
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2005-04-04
Diabolic Crab has reported some vulnerabilities in AlstraSoft EPay Pro,
which can be exploited by malicious people to conduct cross-site
scripting attacks and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14802/

[SA14814] BakBone NetVault Buffer Overflow Vulnerabilities
Critical: Highly critical
Where: From local network
Impact: System access
Released: 2005-04-05
class101 has reported some vulnerabilities in BakBone NetVault, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/14814/

[SA14832] PayProCart Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Exposure of
sensitive information
Released: 2005-04-05
Diabolic Crab has reported some vulnerabilities in PayProCart, which
can be exploited by malicious people to conduct cross-site scripting
attacks, disclose sensitive information, and bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/14832/

[SA14821] Mozilla Suite JavaScript Engine Information Disclosure
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2005-04-04

A vulnerability has been discovered in Mozilla Suite, which can be
exploited by malicious people to gain knowledge of potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/14821/

[SA14820] Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2005-04-04
A vulnerability has been discovered in Mozilla Firefox, which can be
exploited by malicious people to gain knowledge of potentially
sensitive information.
Full Advisory:
http://secunia.com/advisories/14820/

[SA14804] Netscape JavaScript Engine Information Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2005-04-05
A vulnerability has been discovered in Netscape, which can be exploited
by malicious people to gain knowledge of potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/14804/

[SA14793] MX Shop / MX Kart SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-04-01
Diabolic Crab has reported some vulnerabilities in MX Shop and MX Kart,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/14793/
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LQ Security Report Oct 2005 unSpawn Linux - Security 5 11-09-2005 03:16 PM
LQ Security Report - April 18th 2005 Capt_Caveman Linux - Security 4 04-18-2005 11:10 PM
LQ Security Report - April 3rd 2005 Capt_Caveman Linux - Security 3 04-03-2005 11:16 PM
LQ security report - April 16th 2004 Capt_Caveman Linux - Security 3 04-17-2004 11:09 AM
LQ security report - Mar 10th 2004 unSpawn Linux - Security 2 03-10-2004 04:04 PM


All times are GMT -5. The time now is 04:41 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration