LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-24-2004, 03:53 PM   #1
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,285
Blog Entries: 54

Rep: Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854
LQ security report - Feb 24th 2004


Feb 23th 2004
23 of 56 issues handled (ISS)
ShopCartCGI "dot dot" directory traversal
XFree86 improper handling of multiple font files
vBulletin search.php cross-site scripting
mnoGoSearch UdmDocToTextBuf function buffer
SignatureDB sdbscan buffer overflow
phpWebSite announce and notes module SQL injection
YaBB SE post.php SQL injection
AllMyLinks PHP file include
AllMyGuests PHP file include
Online Store Kit more.php SQL injection
Online Store Kit more.php cross-site scripting
YABB invalid messages allow attacker to obtain
Linux kernel do_mremap allows elevated privileges
Metamail Content-Type format string attack
Linux kernel Vicam USB driver denial of service
Metamail PrintHeader non-ASCII characters buffer
OWLS file retrieval
Linux Kernel ncp_lookup allows elevated privileges
Metamail splitmail file Subject header buffer
Metamail header format string attack
LiveJournal URL cross-site scripting
XFree86 GLX array index denial of service
XFree86 GLX integer signedness denial of service

Last edited by unSpawn; 02-24-2004 at 04:17 PM.
 
Old 02-24-2004, 03:58 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,285
Blog Entries: 54

Original Poster
Rep: Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854
Feb 23th 2004 (ISS)

Internet Security Systems


Date Reported: 02/17/2004
Brief Description: ShopCartCGI "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, ShopCartCGI 2.3, Unix Any
version
Vulnerability: shopcartcgi-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/14982

Date Reported: 02/13/2004
Brief Description: XFree86 improper handling of multiple font files
Risk Factor: High
Attack Type: Host Based
Platforms: Immunix OS 7.3, Mandrake Linux 9.0, Mandrake Linux
9.1, Mandrake Linux 9.2, Mandrake Linux Corporate
Server 2.1, Red Hat Advanced Workstation 2.1, Red
Hat Enterprise Linux 2.1AS, Red Hat Enterprise
Linux 2.1ES, Red Hat Enterprise Linux 2.1WS, Red
Hat Enterprise Linux 3AS, Red Hat Enterprise Linux
3ES, Red Hat Enterprise Linux 3WS, Red Hat Linux 9,
Slackware Linux 8.0, Slackware Linux 9.0, Slackware
Linux 9.1, Slackware Linux current, Turbolinux 10
Desktop, Turbolinux 7 Server, Turbolinux 7
Workstation, Turbolinux 8 Server, Turbolinux 8
Workstation, XFree86 4.1.0 through 4.3.0
Vulnerability: xfree86-multiple-font-improper-handling
X-Force URL: http://xforce.iss.net/xforce/xfdb/15206

Date Reported: 02/13/2004
Brief Description: vBulletin search.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, vBulletin
3.0.0 RC 4, Windows Any version
Vulnerability: vbulletin-search-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15208

Date Reported: 02/15/2004
Brief Description: mnoGoSearch UdmDocToTextBuf function buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, mnoGoSearch 3.1.13, mnoGoSearch
3.1.14, mnoGoSearch 3.1.15, Unix Any version
Vulnerability: mnogosearch-udmdoctotextbuf-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15209

Date Reported: 02/15/2004
Brief Description: SignatureDB sdbscan buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux Any version, SignatureDB 0.1.1, Unix Any
version
Vulnerability: signaturedb-sdbscan-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15217

Date Reported: 02/13/2004
Brief Description: phpWebSite announce and notes module SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: phpWebSite 0.9.x and earlier, Unix Any version,
Windows Any version
Vulnerability: phpwebsite-announce-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15219

Date Reported: 02/16/2004
Brief Description: YaBB SE post.php SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, YaBB SE 1.5.4, YaBB SE 1.5.5
Vulnerability: yabb-post-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15224

Date Reported: 02/14/2004
Brief Description: AllMyLinks PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: AllMyLinks Any version, Any operating system Any
version
Vulnerability: allmylinks-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15226

Date Reported: 02/14/2004
Brief Description: AllMyGuests PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: AllMyGuests Any version, Any operating system Any
version
Vulnerability: allmyguests-php-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15227

Date Reported: 02/17/2004
Brief Description: Online Store Kit more.php SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD Any version, Linux Any version, Mac OS X
Any version, Online Store Kit Lite 3.0 and earlier,
Online Store Kit Pro 3.0 and earlier, Online Store
Kit Standard 3.0 and earlier, Windows 2000 Advanced
Server, Windows NT Any version
Vulnerability: onlinestorekit-more-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15232

Date Reported: 02/17/2004
Brief Description: Online Store Kit more.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD Any version, Linux Any version, Mac OS X
Any version, Online Store Kit Lite 3.0 and earlier,
Windows 2000 Any version, Windows NT Any version
Vulnerability: onlinestorekit-more-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15235

Date Reported: 02/17/2004
Brief Description: YABB invalid messages allow attacker to obtain
username and password
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, YaBB 1 SP 1.3.1
Vulnerability: yabb-invalidmessage-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15236

Date Reported: 02/18/2004
Brief Description: Linux kernel do_mremap allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 3.0, Linux kernel 2.2 through 2.2.25,
Linux kernel 2.4 through 2.4.24, Linux kernel 2.6
through 2.6.2, Red Hat Linux 9, Slackware Linux
9.1, Slackware Linux current, SuSE eMail Server
3.1, SuSE eMail Server III Any version, SuSE Linux
8.0, SuSE Linux 8.1, SuSE Linux 8.2, SuSE Linux
9.0, SuSE Linux Connectivity Server Any version,
SuSE Linux Database Server Any version, SuSE Linux
Enterprise Server 7, SuSE Linux Enterprise Server
8, SuSE Linux Firewall Any version, SuSE Linux
Office Server Any version
Vulnerability: linux-mremap-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15244

Date Reported: 02/18/2004
Brief Description: Metamail Content-Type format string attack
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS, Slackware Linux 8.0, Slackware Linux
8.1, Slackware Linux 9.0, Slackware Linux 9.1,
Slackware Linux current
Vulnerability: metamail-contenttype-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/15245

Date Reported: 02/18/2004
Brief Description: Linux kernel Vicam USB driver denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux kernel prior to 2.4.25, Red Hat Linux 9, SuSE
eMail Server 3.1, SuSE eMail Server III Any
version, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
8.2, SuSE Linux 9.0, SuSE Linux Connectivity Server
Any version, SuSE Linux Database Server Any
version, SuSE Linux Enterprise Server 7, SuSE Linux
Enterprise Server 8, SuSE Linux Firewall Any
version, SuSE Linux Office Server Any version
Vulnerability: linux-vicam-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15246

Date Reported: 02/18/2004
Brief Description: Metamail PrintHeader non-ASCII characters buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS, Slackware Linux 8.0, Slackware Linux
8.1, Slackware Linux 9.0, Slackware Linux 9.1,
Slackware Linux current
Vulnerability: metamail-printheader-nonascii-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15247

Date Reported: 02/18/2004
Brief Description: OWLS file retrieval
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, OWLS 1.0
Vulnerability: owls-file-retrieval
X-Force URL: http://xforce.iss.net/xforce/xfdb/15249

Date Reported: 02/18/2004
Brief Description: Linux Kernel ncp_lookup allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Linux kernel Any version, Red Hat Linux 9, SuSE
eMail Server 3.1, SuSE eMail Server III Any
version, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
8.2, SuSE Linux 9.0, SuSE Linux Connectivity Server
Any version, SuSE Linux Database Server Any
version, SuSE Linux Enterprise Server 7, SuSE Linux
Enterprise Server 8, SuSE Linux Firewall Any
version, SuSE Linux Office Server Any version
Vulnerability: linux-ncplookup-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15250

Date Reported: 02/18/2004
Brief Description: Metamail splitmail file Subject header buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS
Vulnerability: metamail-splitmail-subject-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15258

Date Reported: 02/18/2004
Brief Description: Metamail header format string attack
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS
Vulnerability: metamail-printheader-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/15259

Date Reported: 02/19/2004
Brief Description: LiveJournal URL cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, LiveJournal any
version
Vulnerability: livejournal-url-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15268

Date Reported: 02/19/2004
Brief Description: XFree86 GLX array index denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Debian Linux 3.0, XFree86 Any version
Vulnerability: xfree86-glx-array-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15272

Date Reported: 02/19/2004
Brief Description: XFree86 GLX integer signedness denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Debian Linux 3.0, XFree86 Any version
Vulnerability: xfree86-glx-integer-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15273
 
Old 02-24-2004, 04:13 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,285
Blog Entries: 54

Original Poster
Rep: Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854
Feb 23th 2004 (ISS)

Internet Security Systems


Date Reported: 02/17/2004
Brief Description: ShopCartCGI "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, ShopCartCGI 2.3, Unix Any
version
Vulnerability: shopcartcgi-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/14982

Date Reported: 02/13/2004
Brief Description: XFree86 improper handling of multiple font files
Risk Factor: High
Attack Type: Host Based
Platforms: Immunix OS 7.3, Mandrake Linux 9.0, Mandrake Linux
9.1, Mandrake Linux 9.2, Mandrake Linux Corporate
Server 2.1, Red Hat Advanced Workstation 2.1, Red
Hat Enterprise Linux 2.1AS, Red Hat Enterprise
Linux 2.1ES, Red Hat Enterprise Linux 2.1WS, Red
Hat Enterprise Linux 3AS, Red Hat Enterprise Linux
3ES, Red Hat Enterprise Linux 3WS, Red Hat Linux 9,
Slackware Linux 8.0, Slackware Linux 9.0, Slackware
Linux 9.1, Slackware Linux current, Turbolinux 10
Desktop, Turbolinux 7 Server, Turbolinux 7
Workstation, Turbolinux 8 Server, Turbolinux 8
Workstation, XFree86 4.1.0 through 4.3.0
Vulnerability: xfree86-multiple-font-improper-handling
X-Force URL: http://xforce.iss.net/xforce/xfdb/15206

Date Reported: 02/13/2004
Brief Description: vBulletin search.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, vBulletin
3.0.0 RC 4, Windows Any version
Vulnerability: vbulletin-search-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15208

Date Reported: 02/15/2004
Brief Description: mnoGoSearch UdmDocToTextBuf function buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, mnoGoSearch 3.1.13, mnoGoSearch
3.1.14, mnoGoSearch 3.1.15, Unix Any version
Vulnerability: mnogosearch-udmdoctotextbuf-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15209

Date Reported: 02/15/2004
Brief Description: SignatureDB sdbscan buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux Any version, SignatureDB 0.1.1, Unix Any
version
Vulnerability: signaturedb-sdbscan-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15217

Date Reported: 02/13/2004
Brief Description: phpWebSite announce and notes module SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: phpWebSite 0.9.x and earlier, Unix Any version,
Windows Any version
Vulnerability: phpwebsite-announce-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15219

Date Reported: 02/16/2004
Brief Description: YaBB SE post.php SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, YaBB SE 1.5.4, YaBB SE 1.5.5
Vulnerability: yabb-post-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15224

Date Reported: 02/14/2004
Brief Description: AllMyLinks PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: AllMyLinks Any version, Any operating system Any
version
Vulnerability: allmylinks-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15226

Date Reported: 02/14/2004
Brief Description: AllMyGuests PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: AllMyGuests Any version, Any operating system Any
version
Vulnerability: allmyguests-php-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15227

Date Reported: 02/17/2004
Brief Description: Online Store Kit more.php SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD Any version, Linux Any version, Mac OS X
Any version, Online Store Kit Lite 3.0 and earlier,
Online Store Kit Pro 3.0 and earlier, Online Store
Kit Standard 3.0 and earlier, Windows 2000 Advanced
Server, Windows NT Any version
Vulnerability: onlinestorekit-more-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15232

Date Reported: 02/17/2004
Brief Description: Online Store Kit more.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD Any version, Linux Any version, Mac OS X
Any version, Online Store Kit Lite 3.0 and earlier,
Windows 2000 Any version, Windows NT Any version
Vulnerability: onlinestorekit-more-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15235

Date Reported: 02/17/2004
Brief Description: YABB invalid messages allow attacker to obtain
username and password
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, YaBB 1 SP 1.3.1
Vulnerability: yabb-invalidmessage-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15236

Date Reported: 02/18/2004
Brief Description: Linux kernel do_mremap allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 3.0, Linux kernel 2.2 through 2.2.25,
Linux kernel 2.4 through 2.4.24, Linux kernel 2.6
through 2.6.2, Red Hat Linux 9, Slackware Linux
9.1, Slackware Linux current, SuSE eMail Server
3.1, SuSE eMail Server III Any version, SuSE Linux
8.0, SuSE Linux 8.1, SuSE Linux 8.2, SuSE Linux
9.0, SuSE Linux Connectivity Server Any version,
SuSE Linux Database Server Any version, SuSE Linux
Enterprise Server 7, SuSE Linux Enterprise Server
8, SuSE Linux Firewall Any version, SuSE Linux
Office Server Any version
Vulnerability: linux-mremap-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15244

Date Reported: 02/18/2004
Brief Description: Metamail Content-Type format string attack
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS, Slackware Linux 8.0, Slackware Linux
8.1, Slackware Linux 9.0, Slackware Linux 9.1,
Slackware Linux current
Vulnerability: metamail-contenttype-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/15245

Date Reported: 02/18/2004
Brief Description: Linux kernel Vicam USB driver denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux kernel prior to 2.4.25, Red Hat Linux 9, SuSE
eMail Server 3.1, SuSE eMail Server III Any
version, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
8.2, SuSE Linux 9.0, SuSE Linux Connectivity Server
Any version, SuSE Linux Database Server Any
version, SuSE Linux Enterprise Server 7, SuSE Linux
Enterprise Server 8, SuSE Linux Firewall Any
version, SuSE Linux Office Server Any version
Vulnerability: linux-vicam-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15246

Date Reported: 02/18/2004
Brief Description: Metamail PrintHeader non-ASCII characters buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS, Slackware Linux 8.0, Slackware Linux
8.1, Slackware Linux 9.0, Slackware Linux 9.1,
Slackware Linux current
Vulnerability: metamail-printheader-nonascii-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15247

Date Reported: 02/18/2004
Brief Description: OWLS file retrieval
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, OWLS 1.0
Vulnerability: owls-file-retrieval
X-Force URL: http://xforce.iss.net/xforce/xfdb/15249

Date Reported: 02/18/2004
Brief Description: Linux Kernel ncp_lookup allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Linux kernel Any version, Red Hat Linux 9, SuSE
eMail Server 3.1, SuSE eMail Server III Any
version, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
8.2, SuSE Linux 9.0, SuSE Linux Connectivity Server
Any version, SuSE Linux Database Server Any
version, SuSE Linux Enterprise Server 7, SuSE Linux
Enterprise Server 8, SuSE Linux Firewall Any
version, SuSE Linux Office Server Any version
Vulnerability: linux-ncplookup-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15250

Date Reported: 02/18/2004
Brief Description: Metamail splitmail file Subject header buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS
Vulnerability: metamail-splitmail-subject-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15258

Date Reported: 02/18/2004
Brief Description: Metamail header format string attack
Risk Factor: High
Attack Type: Network Based
Platforms: Metamail 2.7 and prior, Red Hat Advanced
Workstation 2.1, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS
Vulnerability: metamail-printheader-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/15259

Date Reported: 02/19/2004
Brief Description: LiveJournal URL cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, LiveJournal any
version
Vulnerability: livejournal-url-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15268

Date Reported: 02/19/2004
Brief Description: XFree86 GLX array index denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Debian Linux 3.0, XFree86 Any version
Vulnerability: xfree86-glx-array-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15272

Date Reported: 02/19/2004
Brief Description: XFree86 GLX integer signedness denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Debian Linux 3.0, XFree86 Any version
Vulnerability: xfree86-glx-integer-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15273
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LQ - Security Report - August 24th 2004 Capt_Caveman Linux - Security 2 08-24-2004 04:27 AM
LQ Security Report - May 8th 2004 Capt_Caveman Linux - Security 3 05-08-2004 11:39 AM
LQ security report - Feb 18th 2004 unSpawn Linux - Security 3 02-18-2004 04:32 PM
LQ security report - Feb 13th 2004 unSpawn Linux - Security 5 02-13-2004 11:36 AM
LQ weekly security rep - Mon Feb 24th 2003 unSpawn Linux - Security 2 02-24-2003 08:00 PM


All times are GMT -5. The time now is 01:04 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration