LQ Security Report - February 20th 2005
February 15th 2005
21 issues handled (SF)
1. SuSE Linux Open-Xchange Unspecified Path Traversal Vulnerabi...
2. Linux Kernel ntfs_warning() and ntfs_error() Local Denial of...
3. Multiple Web Browser International Domain Name Handling Site...
4. Mozilla Firefox About Configuration Hidden Frame Remote Conf...
5. XGB Authentication Bypass Vulnerability
6. BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffe...
7. XView Multiple Unspecified Local Buffer Overflow Vulnerabili...
8. GNU Mailman Remote Directory Traversal Vulnerability
9. IBM DB2 Universal Database Unspecified Vulnerability
10. IBM DB2 XML Extender UDF Unauthorized File Access Vulnerabil...
11. IBM DB2 Universal Database Server Network Message Processing...
12. IBM DB2 Unspecified XML Functions Remote Arbitrary Code Exec...
13. IBM DB2 Universal Database Server Object Creation Remote Cod...
14. F-Secure ARJ Handling Buffer Overflow Vulnerability
15. Yongguang Zhang HZTTY Local Arbitrary Command Execution Vuln...
16. Apache mod_python Module Publisher Handler Information Discl...
17. Armagetron Advanced Multiple Remote Denial Of Service Vulner...
18. BrightStor ARCserve/Enterprise Backup Default Backdoor Accou...
19. XPCD PCDSVGAView Local Buffer Overflow Vulnerability
20. Netkit RWho Packet Size Denial Of Service Vulnerability
21. Gentoo Portage-Built Webmin Binary Package Build Host Root P...
February 17th 2005
66 issues handled (SN)
Part A
[SA14315] Ubuntu update for lesstif2
[SA14301] Conectiva update for XFree86
[SA14287] Debian update for awstats
[SA14260] SGI Advanced Linux Environment update for less/xpdf
[SA14259] SGI Advanced Linux Environment Multiple Updates
[SA14318] Debian update for emacs21
[SA14308] Gentoo update for lighttpd
[SA14307] Gentoo update for emacs/xemacs
[SA14305] Mandrake update for emacs
[SA14297] lighttpd "%00" Application Source Code Disclosure Vulnerability
[SA14296] Ubuntu update for kernel
[SA14295] Linux Kernel Multiple Vulnerabilities
[SA14288] Mandrake update for mailman
[SA14282] Gentoo update for opera
[SA14281] Fedora update for xemacs
[SA14279] Red Hat update for python
[SA14267] Trustix Updates for Multiple Packages
[SA14258] Conectiva update for evolution
[SA14257] SUSE update for mailman
[SA14252] SUSE Updates for Multiple Packages
[SA14251] Red Hat update for squid
[SA14314] Gentoo update for kdeedu
[SA14306] KDE fliccd Buffer Overflow Vulnerabilities
[SA14261] SGI Advanced Linux Environment update for krb5
[SA14303] Debian update for htdig
[SA14290] Gentoo update for postgresql
[SA14285] Sun Solaris FTP Server PASV Commands Denial of Service
[SA14280] Red Hat update for postgresql
[SA14276] Gentoo update for htdig
[SA14275] Gentoo update for pdns
[SA14271] Squid FQDN Lookup Denial of Service Vulnerability
[SA14269] Gentoo update for mod_python
[SA14255] ht://Dig "config" Parameter Cross-Site Scripting Vulnerability
Part B
[SA14253] Open WebMail Login Page Cross-Site Scripting Vulnerability
[SA14249] Ubuntu update for mod_python
[SA14316] Gentoo update for wpa_supplicant
[SA14310] Debian update for postgresql
[SA14309] Mandrake update for rwho
[SA14286] Sun Solaris ARP Flooding Denial of Service Vulnerability
[SA14278] Debian update for netkit-rwho
[SA14266] netkit-rwho rwhod Packet Validation Denial of Service
[SA14265] Gentoo webmin Encrypted Root Password Disclosure
[SA14300] Debian update for synaesthesia
[SA14292] Gentoo update for VMware
[SA14291] VMware Workstation gdk-pixbuf Path Searching Vulnerability
[SA14277] Debian toolchain-source "tpkg-*" Privilege Escalation
[SA14270] Linux Kernel Memory Disclosure and Privilege Escalation
[SA14264] Gentoo update for perl
[SA14254] KDE kdelibs dcopidlng Script Insecure Temporary File Creation
[SA14250] Debian update for xpcd
[SA14248] xpcd Buffer Overflow Vulnerabilities
[SA14317] Debian update for typespeed
[SA14312] Typespeed Format String Vulnerability
[SA14311] HP Web-Enabled Management Software HTTP Server Buffer Overflow
[SA14268] ELOG Two Vulnerabilities
[SA14273] Quake3 Engine Query Handling Denial of Service Vulnerability
[SA14272] CubeCart "language" Local File Inclusion Vulnerability
[SA14263] Siteman Site Owner Registration Security Bypass Vulnerability
[SA14293] BrightStor ARCserve Backup Discovery Service SERVICEPC Buffer Overflow
[SA14299] AWStats Multiple Vulnerabilities
[SA14298] BEA WebLogic Server/Express User Account Enumeration
[SA14294] OpenConf Title Script Insertion Vulnerability
[SA14289] PHP-Nuke Cross-Site Scripting Vulnerabilities
[SA14262] NewsBruiser Comment System Security Bypass Vulnerability
[SA14313] wpa_supplicant EAPOL-Key Frames Buffer Overflow
[SA14284] Mercuryboard "debug" Debug Information Disclosure

February 18th 2005
51 issues handled across 7 distros
libxpm, evolution, mailman, hztty, xpcd, sympa, netkit-rwho, toolchain-source, htdig, synaesthesia, awstats, postgresql, typespeed, emacs21, gftp, mod_python, openoffice, xemacs21, kernel, kdeedu, python, gallery, webmin, perl, powerDNS, opera, vmware, lighthttpd, wpa_supplicant, kstars, midnight commander, draxtools, cpio, enscript, squid, mySQL, rwho, squirrelmail, exim, php, alsa-lib, xpdf, libtif, vim, ethereal, krb5, cups, gpdf, imagemagick, perl-DBI, thunderbird
February 15th 2005 (SF)
Security Focus
1. SuSE Linux Open-Xchange Unspecified Path Traversal Vulnerabi...
BugTraq ID: 12448
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12448
Summary:
SuSE Linux Open-Xchange (SLOX) is reported prone to an unspecified path traversal vulnerability. It is likely that this vulnerability may be exploited remotely to disclose restricted information outside of a root directory, this is not confirmed. This BID will be updated as soon as further information regarding this vulnerability is made available.

2. Linux Kernel ntfs_warning() and ntfs_error() Local Denial of...
BugTraq ID: 12460
Remote: No
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12460
Summary:
Linux Kernel is reported prone to a local denial of service vulnerability. It is reported that this vulnerability exists in the 'ntfs_warning()' and 'ntfs_error()' functions when compiled without debug. Further details are not currently available. This BID will be updated when more information becomes available. Linux Kernel 2.6.11-rc2 is reported vulnerable to this issue. All 2.6 versions are likely vulnerable as well.

3. Multiple Web Browser International Domain Name Handling Site...
BugTraq ID: 12461
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12461
Summary:
Multiple Web browsers are reported prone to vulnerabilities that surround the handling of International Domain Names. The vulnerabilities exist due to inconsistencies in how International Domain Names are processed. Reports indicate that this inconsistency can be leveraged to spoof address bar, status-bar, and SSL certificate values. These vulnerabilities may be exploited by a remote attacker to aid in phishing style attacks. This may result in the voluntary disclosure of sensitive information to a malicious website due to a false sense of trust.
Although these vulnerabilities are reported to affect Web browsers, mail clients that depend on the Web browser to generate HTML code may also be affected.

4. Mozilla Firefox About Configuration Hidden Frame Remote Conf...
BugTraq ID: 12466
Remote: Yes
Date Published: Feb 07 2005
Relevant URL: http://www.securityfocus.com/bid/12466
Summary:
A remote configuration manipulation vulnerability affects Mozilla Firefox. This issue is due to a failure of the application to properly secure sensitive configuration scripts from being activated by remote attackers. An attacker may leverage this issue to alter an unsuspecting user's configuration settings; this may lead to a false sense of security as sensitive settings may be manipulated without the user's knowledge.

5. XGB Authentication Bypass Vulnerability
BugTraq ID: 12489
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12489
Summary:
xGB is reportedly affected by a vulnerability that could permit unauthorized administrator access. This issue is due to the application failing to properly verify user credentials. A malicious user could exploit this vulnerability to bypass user authentication and gain administrative access. This vulnerability is reported to affect xGB version 2.0; earlier versions may also be vulnerable.

6. BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffe...
BugTraq ID: 12491
Remote: Yes
Date Published: Feb 08 2005
Relevant URL: http://www.securityfocus.com/bid/12491
Summary:
Various Computer Associates BrightStor ARCserve/Enterprise Backup products are prone to a remote buffer overflow vulnerability. This issue presents itself because the affected applications do not perform boundary checks prior to copying user-supplied data into sensitive process buffers. A remote attacker may execute arbitrary code on a vulnerable computer to gain unauthorized access to it.

7. XView Multiple Unspecified Local Buffer Overflow Vulnerabili...
BugTraq ID: 12500
Remote: No
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12500
Summary:
It is reported that a number of unspecified buffer overflow vulnerabilities exist in the xview library. These issues could allow a local user to execute arbitrary code via linked executables that are installed with setuid privileges. Debian has identified these issues in xview-3.2p1.4. Other versions affecting various platforms may be vulnerable as well.

8. GNU Mailman Remote Directory Traversal Vulnerability
BugTraq ID: 12504
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12504
Summary:
Mailman, when hosted on a web server that does not strip extra slashes from URLs (i.e. Apache 1.3.x), is reported prone to a remote directory traversal vulnerability. The remote attacker may exploit this vulnerability to disclose the contents of web server readable files. Symantec has received reports of the username and password databases of public mailing lists being compromised through the exploitation of this vulnerability. Information that is harvested by leveraging this vulnerability may be used to aid in further attacks against a target computer or victim user.

9. IBM DB2 Universal Database Unspecified Vulnerability
BugTraq ID: 12508
Remote: Yes
Date Published: Feb 09 2005
Relevant URL: http://www.securityfocus.com/bid/12508
Summary:
IBM DB2 Universal Database is reported prone to a vulnerability. The details of this issue are unspecified. The discoverer of this issue has reported that further details regarding this vulnerability will be released on the 9th of May 2005. When these details are released this BID will be updated with the additional details. This vulnerability is reported to exist in IBM DB2 Universal Database version 8.1 and previous versions.

10. IBM DB2 XML Extender UDF Unauthorized File Access Vulnerabil...
BugTraq ID: 12510
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12510
Summary:
IBM DB2 is prone to a security vulnerability that may allow unauthorized read or write access to files on the computer in the context of the server process. This issue exists in the XML Extender UDFs (User-Defined Functions). This could result in information disclosure as well as corruption of files on the computer. There is a theoretical possibility of code execution. This vulnerability appears similar in nature to BID 12170 IBM DB2 XML Function Unauthorized File Creation and Disclosure Vulnerability. This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified Vulnerability.

11. IBM DB2 Universal Database Server Network Message Processing...
BugTraq ID: 12511
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12511
Summary:
A remote code execution vulnerability affects IBM DB2 Universal Database Server. This issue is due to a failure of the application to properly handle network messages under certain circumstances. This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified Vulnerability. An attacker with a database connection may leverage this issue to execute arbitrary code within the context of the affected database instance, potentially facilitating unauthorized access or privilege escalation.

12. IBM DB2 Unspecified XML Functions Remote Arbitrary Code Exec...
BugTraq ID: 12512
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12512
Summary:
IBM DB2 is reported prone to a remote arbitrary code execution vulnerability. This issue can allow a remote attacker to completely compromise a vulnerable database server. IBM DB2 version 8 FixPak 7 and FixPak 7a are reported vulnerable to this issue. Further details are not available currently.
It is possible that this issue results from an overflow condition, however, this is not confirmed at the moment. It is also possible that an SQL injection type attack may be used to leverage this issue. This BID will be updated when more information becomes available. This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified Vulnerability.

13. IBM DB2 Universal Database Server Object Creation Remote Cod...
BugTraq ID: 12514
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12514
Summary:
A remote code execution vulnerability affects IBM DB2 Universal Database Server. This issue is due to a failure of the application to properly handle the creation of new objects. This issue may be related to BID 12508 IBM DB2 Universal Database Unspecified Vulnerability. An attacker with a database connection may leverage this issue to execute arbitrary code within the context of the affected database instance, potentially facilitating unauthorized access or privilege escalation.

14. F-Secure ARJ Handling Buffer Overflow Vulnerability
BugTraq ID: 12515
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12515
Summary:
A buffer overflow vulnerability exists in the ARJ handling code in the Anti-Virus library included in various F-Secure products. The vulnerability is due to insufficient bounds check of ARJ header fields which will be copied into a finite buffer on the heap. This vulnerability could be exploited by a malicious ARJ archive to execute arbitrary code in the context of the affected applications.

15. Yongguang Zhang HZTTY Local Arbitrary Command Execution Vuln...
BugTraq ID: 12518
Remote: No
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12518
Summary:
A local, arbitrary command execution vulnerability affects Yongguang Zhang hztty. The underlying cause of this issue is currently unknown. This BID will be updated as more information is released.
An attacker may leverage this issue to execute arbitrary commands with the privileges of the 'utmp' group, potentially facilitating privilege escalation.

16. Apache mod_python Module Publisher Handler Information Discl...
BugTraq ID: 12519
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12519
Summary:
The mod_python module publisher handler is prone to a remote information disclosure vulnerability. This issue may allow remote unauthorized attackers to gain access to sensitive objects. Information disclosed through the exploitation of this issue may aid in launching further attacks against an affected server. All versions of mod_python are considered vulnerable at the moment.

17. Armagetron Advanced Multiple Remote Denial Of Service Vulner...
BugTraq ID: 12520
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12520
Summary:
Multiple denial of service vulnerabilities affect Armagetron Advanced. These issues are due to a failure of the application to handle malformed network data. An attacker may leverage these issues to cause a remote denial of service condition in affected applications.

18. BrightStor ARCserve/Enterprise Backup Default Backdoor Accou...
BugTraq ID: 12522
Remote: Yes
Date Published: Feb 10 2005
Relevant URL: http://www.securityfocus.com/bid/12522
Summary:
BrightStor ARCserve/Enterprise Backup products contain a backdoor account. It is reported that hard coded credentials are present in the 'UniversalAgent' service of BrightStor ARCserve/Enterprise Backup products for UNIX platforms. An attacker may carry out various attacks such as arbitrary command and code execution by using the hard coded credentials. This may lead to a complete compromise of an affected computer.

19. XPCD PCDSVGAView Local Buffer Overflow Vulnerability
BugTraq ID: 12523
Remote: No
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12523
Summary:
A local buffer overflow vulnerability affects xpcd pcdsvgaview. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers. An attacker may leverage this issue to execute arbitrary code with superuser privileges.

20. Netkit RWho Packet Size Denial Of Service Vulnerability
BugTraq ID: 12524
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12524
Summary:
The Netkit rwho daemon is prone to a denial of service vulnerability. This condition occurs when the server processes packets with malformed sizes. The vulnerability is only reported to affect the software running on little endian platforms. It is not known if this condition is due to a boundary condition error or if it may further be leveraged to execute arbitrary code.

21. Gentoo Portage-Built Webmin Binary Package Build Host Root P...
BugTraq ID: 12532
Remote: Yes
Date Published: Feb 11 2005
Relevant URL: http://www.securityfocus.com/bid/12532
Summary:
It is reported that the Gentoo Portage-built Webmin binary package discloses the build host's root password to remote users. Any users who build the affected Webmin binary and share it with other users are at a risk of compromise. Gentoo app-admin/webmin packages prior to 1.170-r3 are vulnerable to this issue.
February 17th 2005 (SN) Part A
Secunia
[SA14315] Ubuntu update for lesstif2
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-02-17
Ubuntu has issued an update for lesstif2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14315/

[SA14301] Conectiva update for XFree86
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-15
Conectiva has issued an update for XFree86. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14301/

[SA14287] Debian update for awstats
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-15
Debian has issued an update for awstats. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14287/

[SA14260] SGI Advanced Linux Environment update for less/xpdf
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-14
SGI has issued a patch for less and xpdf in SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14260/

[SA14259] SGI Advanced Linux Environment Multiple Updates
Critical: Highly critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2005-02-14
SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), gain escalated privileges, or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14259/

[SA14318] Debian update for emacs21
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-17
Debian has issued an update for emacs21. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14318/

[SA14308] Gentoo update for lighttpd
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-16
Gentoo has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to disclose some potentially sensitive information.
Full Advisory: http://secunia.com/advisories/14308/

[SA14307] Gentoo update for emacs/xemacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-16
Gentoo has issued updates for emacs and xemacs. These fix a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14307/

[SA14305] Mandrake update for emacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-16
MandrakeSoft has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14305/

[SA14297] lighttpd "%00" Application Source Code Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-16
A vulnerability has been reported in lighttpd, which can be exploited by malicious people to disclose some potentially sensitive information.
Full Advisory: http://secunia.com/advisories/14297/

[SA14296] Ubuntu update for kernel
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Exposure of sensitive information, DoS
Released: 2005-02-16
Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service), or by malicious people to cause a DoS or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14296/

[SA14295] Linux Kernel Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Exposure of sensitive information, DoS
Released: 2005-02-16
Some vulnerabilities have been reported in the Linux kernel. These can be exploited by malicious, local users to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service), or by malicious people to cause a DoS or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14295/

[SA14288] Mandrake update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-15
MandrakeSoft has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to gain knowledge of users' passwords.
Full Advisory: http://secunia.com/advisories/14288/

[SA14282] Gentoo update for opera
Critical: Moderately critical
Where: From remote
Impact: Spoofing, Exposure of system information, Privilege escalation, System access
Released: 2005-02-15
Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to disclose some system information, spoof the content of websites, trick a user into executing malicious files and compromise a user's system.
Full Advisory: http://secunia.com/advisories/14282/

[SA14281] Fedora update for xemacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-15
Fedora has issued an update for xemacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14281/

[SA14279] Red Hat update for python
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-14
Red Hat has issued an update for python. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14279/

[SA14267] Trustix Updates for Multiple Packages
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access
Released: 2005-02-14
Trustix has issued updates for bind, clamav, cpio, cups, mod_python, perl, postgresql, python and squid. These fix some vulnerabilities, one with an unknown impact and others which can be exploited to gain escalated privileges, cause a DoS (Denial of Service), disclose and manipulate sensitive information, bypass certain security restrictions and compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14267/

[SA14258] Conectiva update for evolution
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, System access
Released: 2005-02-17
Conectiva has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14258/

[SA14257] SUSE update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-15
SUSE has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to gain knowledge of users' passwords.
Full Advisory: http://secunia.com/advisories/14257/

[SA14252] SUSE Updates for Multiple Packages
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2005-02-14
SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
Full Advisory: http://secunia.com/advisories/14252/

[SA14251] Red Hat update for squid
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, DoS, System access
Released: 2005-02-14
Red Hat has issued an update for squid. This fixes multiple vulnerabilities, which can be exploited to cause a DoS (Denial of Service), bypass certain security restrictions, or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14251/

[SA14314] Gentoo update for kdeedu
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-17
Gentoo has issued an update for kdeedu. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14314/

[SA14306] KDE fliccd Buffer Overflow Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-16
Erik Sjölund has reported some vulnerabilities in KDE, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14306/

[SA14261] SGI Advanced Linux Environment update for krb5
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-14
SGI has issued a patch for krb5 in SGI Advanced Linux Environment. This fixes two vulnerabilities, which can be exploited to perform certain actions on a vulnerable system with escalated privileges or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14261/

[SA14303] Debian update for htdig
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-15
Debian has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14303/

[SA14290] Gentoo update for postgresql
Critical: Less critical
Where: From remote
Impact: Privilege escalation
Released: 2005-02-15
Gentoo has issued an update for postgresql. This fixes a vulnerability, which can be exploited by malicious users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14290/

[SA14285] Sun Solaris FTP Server PASV Commands Denial of Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-15
Sun has acknowledged an older vulnerability in Sun Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14285/

[SA14280] Red Hat update for postgresql
Critical: Less critical
Where: From remote
Impact: Security Bypass, Privilege escalation, DoS
Released: 2005-02-14
Red Hat has issued an update for postgresql. This fixes various vulnerabilities, which can be exploited by malicious users to gain escalated privileges, cause a DoS (Denial of Service), or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14280/

[SA14276] Gentoo update for htdig
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-14
Gentoo has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14276/

[SA14275] Gentoo update for pdns
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-14
Gentoo has issued an update for pdns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14275/

[SA14271] Squid FQDN Lookup Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-14
A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14271/

[SA14269] Gentoo update for mod_python
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-14
Gentoo has issued an update for mod_python. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14269/

[SA14255] ht://Dig "config" Parameter Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-14
Michael Krax has reported a vulnerability in ht://Dig, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14255/
Secunia - Part B
[SA14253] Open WebMail Login Page Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-14
Oriol Torrent Santiago has reported a vulnerability in Open WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14253/

[SA14249] Ubuntu update for mod_python
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-11
Ubuntu has issued an update for mod_python. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14249/

[SA14316] Gentoo update for wpa_supplicant
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-17
Gentoo has issued an update for wpa_supplicant. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14316/

[SA14310] Debian update for postgresql
Critical: Less critical
Where: From local network
Impact: Privilege escalation
Released: 2005-02-16
Debian has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14310/

[SA14309] Mandrake update for rwho
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-17
MandrakeSoft has issued an update for rwho. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14309/

[SA14286] Sun Solaris ARP Flooding Denial of Service Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-15
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14286/ [SA14278] Debian update for netkit-rwho Critical: Less critical Where: From local network Impact: DoS Released: 2005-02-14 Debian has issued an update for netkit-rwho. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14278/ [SA14266] netkit-rwho rwhod Packet Validation Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-02-14 Vlad902 has reported a vulnerability in netkit-rwho, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14266/ [SA14265] Gentoo webmin Encrypted Root Password Disclosure Critical: Less critical Where: From local network Impact: Exposure of sensitive information Released: 2005-02-14 Gentoo has issued an update for webmin. This fixes a security issue, which may disclose sensitive information to malicious people. Full Advisory: http://secunia.com/advisories/14265/ [SA14300] Debian update for synaesthesia Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-15 Debian has issued an update for synaesthesia. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/14300/ [SA14292] Gentoo update for VMware Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-15 Gentoo has issued an update for VMware. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. 
Full Advisory: http://secunia.com/advisories/14292/ [SA14291] VMware Workstation gdk-pixbuf Path Searching Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-15 Tavis Ormandy has discovered a vulnerability in VMware Workstation, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14291/ [SA14277] Debian toolchain-source "tpkg-*" Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-14 Sean Finney has reported some vulnerabilities in toolchain-source, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/14277/ [SA14270] Linux Kernel Memory Disclosure and Privilege Escalation Critical: Less critical Where: Local system Impact: Unknown, Exposure of sensitive information, Privilege escalation Released: 2005-02-15 Some vulnerabilities have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to disclose kernel memory or gain escalated privileges. Full Advisory: http://secunia.com/advisories/14270/ [SA14264] Gentoo update for perl Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-14 Gentoo has issued an update for perl. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14264/ [SA14254] KDE kdelibs dcopidlng Script Insecure Temporary File Creation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-14 Davide Madrisan has reported a vulnerability in KDE kdelibs, which can be exploited by malicious, local users to perform certain actions with escalated privileges on a vulnerable system. 
Full Advisory: http://secunia.com/advisories/14254/ [SA14250] Debian update for xpcd Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-11 Debian has issued an update for xpcd. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14250/ [SA14248] xpcd Buffer Overflow Vulnerabilities Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-02-11 Erik Sjölund has reported some vulnerabilities in xpcd, which may be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14248/ [SA14317] Debian update for typespeed Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2005-02-17 Debian has issued an update for typespeed. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14317/ [SA14312] Typespeed Format String Vulnerability Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2005-02-17 Ulf Härnhammar has reported a vulnerability in Typespeed, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14312/ [SA14311] HP Web-Enabled Management Software HTTP Server Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2005-02-16 A vulnerability has been reported in HP HTTP Server, which can be exploited by malicious people to compromise a vulnerable system. 
Full Advisory: http://secunia.com/advisories/14311/ [SA14268] ELOG Two Vulnerabilities Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2005-02-15 Two vulnerabilities have been reported in ELOG, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14268/ [SA14273] Quake3 Engine Query Handling Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-02-14 Luigi Auriemma has reported a vulnerability in Quake3 Engine, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14273/ [SA14272] CubeCart "language" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2005-02-14 John Cobb has reported a vulnerability in CubeCart, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/14272/ [SA14263] Siteman Site Owner Registration Security Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-02-15 A vulnerability has been reported in Siteman, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/14263/ [SA14293] BrightStor ARCserve Backup Discovery Service SERVICEPC Buffer Overflow Critical: Moderately critical Where: From local network Impact: System access Released: 2005-02-15 cybertronic has reported a vulnerability in BrightStor ARCserve/Enterprise Backup, which can be exploited by malicious people to compromise a vulnerable system. 
Full Advisory: http://secunia.com/advisories/14293/ [SA14299] AWStats Multiple Vulnerabilities Critical: Less critical Where: From remote Impact: Privilege escalation, DoS Released: 2005-02-15 GHC has reported some vulnerabilities in AWStats, which potentially can be exploited by malicious, local users to gain escalated privileges, and by malicious people to disclose system information and cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14299/ [SA14298] BEA WebLogic Server/Express User Account Enumeration Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2005-02-15 A security issue has been reported in WebLogic Server and WebLogic Express, which can be exploited by malicious people to enumerate valid user accounts. Full Advisory: http://secunia.com/advisories/14298/ [SA14294] OpenConf Title Script Insertion Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-02-15 RedTeam has reported a vulnerability in OpenConf, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/14294/ [SA14289] PHP-Nuke Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting, Exposure of system information Released: 2005-02-15 Janek Vind "waraxe" has reported two vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/14289/ [SA14262] NewsBruiser Comment System Security Bypass Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass Released: 2005-02-17 Jarno has reported a vulnerability in NewsBruiser, which can be exploited by malicious people to bypass certain security restrictions. 
Full Advisory: http://secunia.com/advisories/14262/ [SA14313] wpa_supplicant EAPOL-Key Frames Buffer Overflow Critical: Less critical Where: From local network Impact: DoS Released: 2005-02-17 A vulnerability has been reported in wpa_supplicant, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14313/ [SA14284] Mercuryboard "debug" Debug Information Disclosure Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2005-02-15 Lostmon has discovered a weakness in Mercuryboard, which can be exploited by malicious people to disclose some system information. Full Advisory: http://secunia.com/advisories/14284/
February 18th 2005 (LAW)
Linux Advisory Watch
Distribution: Conectiva *Conectiva: XFree86 Fixes for overflows in libXpm Updated XFree86 http://www.linuxsecurity.com/content/view/118286 *Conectiva: evolution Fix for Evolution vulnerability Max Vozeler discovered an integer overflow in the helper application camel-lock-helper. A local attacker can cause the helper to execute arbitrary code only with the current user's privileges via a malicious POP server because it is neither setuid root nor setgid mail. http://www.linuxsecurity.com/content/view/118351 Distribution: Debian *Debian: New evolution packages fix arbitrary code execution as root Max Vozeler discovered an integer overflow in a helper application inside of Evolution, a free groupware suite. A local attacker could cause the setuid root helper to execute arbitrary code with elevated privileges. http://www.linuxsecurity.com/content/view/118234 *Debian: New mailman packages fix several vulnerabilities Updated http://www.linuxsecurity.com/content/view/118235 *Debian: New hztty packages fix local utmp exploit Updated package http://www.linuxsecurity.com/content/view/118245 *Debian: New mailman packages really fix several vulnerabilities Updated package. http://www.linuxsecurity.com/content/view/118261 *Debian: New xpcd packages fix arbitrary code execution as root Updated package. http://www.linuxsecurity.com/content/view/118262 *Debian: New sympa packages fix potential arbitrary code execution Updated package. http://www.linuxsecurity.com/content/view/118263 *Debian: New netkit-rwho packages fix denial of service Updated package. http://www.linuxsecurity.com/content/view/118266 *Debian: New toolchain-source package fixes insecure temporary files Updated package. http://www.linuxsecurity.com/content/view/118280 *Debian: New htdig packages fix cross-site scripting vulnerability Updated package. http://www.linuxsecurity.com/content/view/118285 *Debian: New synaesthesia packages fix unauthorised file access Updated package.
http://www.linuxsecurity.com/content/view/118294 *Debian: New awstats packages fix arbitrary command execution Updated package. http://www.linuxsecurity.com/content/view/118302 *Debian: New postgresql packages fix arbitrary code execution Updated package http://www.linuxsecurity.com/content/view/118333 *Debian: New typespeed packages fix arbitrary group games code execution Updated package. http://www.linuxsecurity.com/content/view/118345 *Debian: New emacs21 packages fix arbitrary code execution Updated package. http://www.linuxsecurity.com/content/view/118356 *Debian: New gftp packages fix directory traversal vulnerability Updated package. http://www.linuxsecurity.com/content/view/118362 Distribution: Fedora *Fedora Core 3 Update: mailman-2.1.5-30.fc3 There is a critical security flaw in Mailman 2.1.5 which will allow attackers to read arbitrary files. http://www.linuxsecurity.com/content/view/118243 *Fedora Core 2 Update: mailman-2.1.5-8.fc2 There is a critical security flaw in Mailman 2.1.5 which will allow attackers to read arbitrary files. http://www.linuxsecurity.com/content/view/118244 *Fedora Core 2 Update: mod_python-3.1.3-1.fc2.2 Graham Dumpleton discovered a flaw affecting the publisher handler of mod_python, used to make objects inside modules callable via URL. http://www.linuxsecurity.com/content/view/118252 *Fedora Core 3 Update: mod_python-3.1.3-5.2 Graham Dumpleton discovered a flaw affecting the publisher handler of mod_python, used to make objects inside modules callable via URL. http://www.linuxsecurity.com/content/view/118253 *Fedora Core 3 Update: openoffice.org-1.1.3-5.5.0.fc3 Several bugs fixed. http://www.linuxsecurity.com/content/view/118273 *Fedora Core 2 Update: xemacs-21.4.17-0.FC2 Update to 21.4.17 stable release, which also fixes the CAN-2005-0100 movemail string format vulnerability. 
http://www.linuxsecurity.com/content/view/118300 *Fedora Core 3 Update: xemacs-21.4.17-0.FC3 Update to 21.4.17 stable release, which also fixes the CAN-2005-0100 movemail string format vulnerability and the AltGr issue for European input. http://www.linuxsecurity.com/content/view/118301 *Fedora Core 2 Update: kernel-2.6.10-1.14_FC2 Updated package. http://www.linuxsecurity.com/content/view/118339 *Fedora Core 3 Update: kernel-2.6.10-1.766_FC3 Updated package. http://www.linuxsecurity.com/content/view/118340 *Fedora Core 3 Update: kdeedu-3.3.1-2.3 Updated package. http://www.linuxsecurity.com/content/view/118361 Distribution: Gentoo *Gentoo: Python Arbitrary code execution through SimpleXMLRPCServer Python-based XML-RPC servers may be vulnerable to remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/118240 *Gentoo: Mailman Directory traversal vulnerability Mailman fails to properly sanitize input, leading to information disclosure. http://www.linuxsecurity.com/content/view/118242 *Gentoo: Gallery Cross-site scripting vulnerability The cross-site scripting vulnerability that Gallery 1.4.4-pl5 was intended to fix, did not actually resolve the issue. The Gallery Development Team have released version 1.4.4-pl6 to properly solve this problem. http://www.linuxsecurity.com/content/view/118251 *Gentoo: Webmin Information leak in Gentoo binary package Portage-built Webmin binary packages accidentally include a file containing the local encrypted root password. http://www.linuxsecurity.com/content/view/118271 *Gentoo: Perl Vulnerabilities in perl-suid wrapper Vulnerabilities leading to file overwriting and code execution with elevated privileges have been discovered in the perl-suid wrapper. http://www.linuxsecurity.com/content/view/118272 *Gentoo: mod_python Publisher Handler vulnerability mod_python contains a vulnerability in the Publisher Handler potentially leading to information disclosure. 
http://www.linuxsecurity.com/content/view/118275 *Gentoo: PowerDNS Denial of Service vulnerability A vulnerability in PowerDNS could lead to a temporary Denial of Service. http://www.linuxsecurity.com/content/view/118276 *Gentoo: ht://Dig: Cross-site scripting vulnerability ht://Dig is vulnerable to cross-site scripting attacks. http://www.linuxsecurity.com/content/view/118277 *Gentoo: Opera Multiple vulnerabilities Opera is vulnerable to several vulnerabilities which could result in information disclosure and facilitate execution of arbitrary code. http://www.linuxsecurity.com/content/view/118295 *Gentoo: VMware Workstation Untrusted library search path VMware may load shared libraries from an untrusted, world-writable directory, resulting in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/118296 *Gentoo: AWStats Remote code execution Version 6.3 of AWStats only partially fixed the input validation flaws. http://www.linuxsecurity.com/content/view/118297 *Gentoo: PostgreSQL Buffer overflows in PL/PgSQL parser PostgreSQL is vulnerable to several buffer overflows in the PL/PgSQL parser leading to execution of arbitrary code. http://www.linuxsecurity.com/content/view/118298 *Gentoo: Emacs, XEmacs Format string vulnerabilities in The movemail utility shipped with Emacs and XEmacs contains several format string vulnerabilities, potentially leading to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/118335 *Gentoo: lighttpd Script source disclosure An attacker can trick lighttpd into revealing the source of scripts that should be executed as CGI or FastCGI applications. http://www.linuxsecurity.com/content/view/118336 *Gentoo: wpa_supplicant Buffer overflow vulnerability wpa_supplicant contains a buffer overflow that could lead to a Denial of Service.
http://www.linuxsecurity.com/content/view/118353 *Gentoo: KStars Buffer overflow in fliccd KStars is vulnerable to a buffer overflow that could lead to arbitrary code execution with elevated privileges. http://www.linuxsecurity.com/content/view/118354 *Gentoo: Midnight Commander Multiple vulnerabilities Midnight Commander contains several format string errors, buffer overflows and one buffer underflow leading to execution of arbitrary code. http://www.linuxsecurity.com/content/view/118363 Distribution: Mandrake *Mandrake: Updated drakxtools package Several new bugs have been identified and corrected in the draktools package. http://www.linuxsecurity.com/content/view/118255 *Mandrake: Updated cpio packages fix A vulnerability in cpio was discovered where cpio would create world-writeable files when used in -o/--create mode and giving an output file (with -O). This would allow any user to modify the created cpio archive. The updated packages have been patched so that cpio now respects the current umask setting of the user. http://www.linuxsecurity.com/content/view/118256 *Mandrake: Updated enscript packages A vulnerability in the enscript program's handling of the epsf command used to insert inline EPS file into a document was found. http://www.linuxsecurity.com/content/view/118257 *Mandrake: Updated squid packages fix More vulnerabilities were discovered in the squid server: The LDAP handling of search filters was inadequate which could be abused to allow logins using several variants of a single login name, possibly bypassing explicit access controls (CAN-2005-0173). http://www.linuxsecurity.com/content/view/118258 *Mandrake: Updated python packages fix A flaw in the python language was found by the development team. http://www.linuxsecurity.com/content/view/118259 *Mandrake: Updated MySQL packages fix A temporary file vulnerability in the mysqlaccess script in MySQL was discovered by Javier Fernandez-Sanguino Pena.
This flaw could allow an unprivileged user to let root overwrite arbitrary files via a symlink attack. http://www.linuxsecurity.com/content/view/118260 *Mandrake: Updated cpio packages fix A vulnerability in cpio was discovered where cpio would create world-writeable files when used in -o/--create mode and giving an output file (with -O). This would allow any user to modify the created cpio archive. The updated packages have been patched so that cpio now respects the current umask setting of the user. http://www.linuxsecurity.com/content/view/118274 *Mandrake: Updated mailman packages fix A vulnerability was discovered in Mailman, which allows a remote directory traversal exploit using URLs of the form ".../....///" to access private Mailman configuration data. The vulnerability lies in the Mailman/Cgi/private.py file. Updated packages correct this issue. http://www.linuxsecurity.com/content/view/118299 *Mandrake: Updated emacs/xemacs Max Vozeler discovered several format string vulnerabilities in the movemail utility in Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs. The updated packages have been patched to correct the problem. http://www.linuxsecurity.com/content/view/118338 *Mandrake: Updated rwho packages fix A vulnerability in rwhod was discovered by "Vlad902" that can be abused to crash the listening process (the broadcasting process is not affected). This vulnerability only affects little endian architectures. The updated packages have been patched to correct the problem. http://www.linuxsecurity.com/content/view/118355 Distribution: Redhat *RedHat: Updated mailman packages fix security Updated mailman packages that correct a mailman security issue are now available. http://www.linuxsecurity.com/content/view/118239 *RedHat: Updated kdelibs and kdebase packages correct Updated kdelib and kdebase packages that resolve several security issues are now available.
http://www.linuxsecurity.com/content/view/118246 *RedHat: Updated mod_python package fixes security issue An Updated mod_python package that fixes a security issue in the publisher handler is now available. http://www.linuxsecurity.com/content/view/118247 *RedHat: Updated emacs packages fix security issue Updated Emacs packages that fix a string format issue are now available. http://www.linuxsecurity.com/content/view/118248 *RedHat: Updated xemacs packages fix security issue Updated XEmacs packages that fix a string format issue are now available. http://www.linuxsecurity.com/content/view/118249 *RedHat: Updated Squirrelmail package fixes security An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3. http://www.linuxsecurity.com/content/view/118250 *RedHat: Updated Squid package fixes security issues An updated Squid package that fixes several security issues is now available. http://www.linuxsecurity.com/content/view/118264 *RedHat: Moderate: exim security update Updated exim packages that resolve security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118306 *RedHat: Important: php security update Updated php packages that fix various security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118307 *RedHat: Important: alsa-lib security update An updated alsa-lib package that fixes a flaw that disabled stack execution protection is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 
http://www.linuxsecurity.com/content/view/118308 *RedHat: Important: xpdf security update An updated xpdf package that fixes several security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118309 *RedHat: Important: libtiff security update Updated libtiff packages that fix various integer overflows are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team http://www.linuxsecurity.com/content/view/118310 *RedHat: Low: vim security update Updated vim packages that fix security vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118311 *RedHat: Moderate: ethereal security update Updated Ethereal packages that fix various security vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118312 *RedHat: Low: enscript security update An updated enscript package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118313 *RedHat: Moderate: krb5 security update Updated Kerberos (krb5) packages that correct a buffer overflow bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118314 *RedHat: Important: CUPS security update Updated CUPS packages that fix several security issues are now available. 
This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118315 *RedHat: Important: gpdf security update An updated gpdf package that fixes two security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118316 *RedHat: Important: squid security update An updated Squid package that fixes several security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118317 *RedHat: Important: kdelibs security update Updated kdelibs packages that resolve security issues in Konqueror are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118318 *RedHat: Important: kdegraphics security update Updated kdegraphics packages that resolve security issues in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118319 *RedHat: Moderate: ImageMagick security update Updated ImageMagick packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118320 *RedHat: Low: perl-DBI security update An updated perl-DBI package that fixes a temporary file flaw in DBI::ProxyServer is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. 
http://www.linuxsecurity.com/content/view/118321 *RedHat: Low: cpio security update An updated cpio package that fixes a umask bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118322 *RedHat: Moderate: htdig security update Updated htdig packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118323 *RedHat: Moderate: thunderbird security update An updated Thunderbird package that fixes a security issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118324 *RedHat: Moderate: squirrelmail security update An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118325 *RedHat: Moderate: mod_python security update An updated mod_python package that fixes a security issue in the publisher handler is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118326 *RedHat: Important: perl security update Updated Perl packages that fix several security issues are now available for Red Hat Enterprise Linux 4.
This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118327 *RedHat: Important: python security update Updated Python packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118328 *RedHat: Important: emacs security update Updated Emacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118329 *RedHat: Important: xemacs security update Updated XEmacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118330 *RedHat: Important: mailman security update Updated mailman packages to correct a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118331 *RedHat: Important: postgresql security update Updated postgresql packages that correct various security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/118332 *RedHat: Important: postgresql security update Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 2.1AS. This update has been rated as having important security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/118352 Distribution: SuSE *SuSE: squid (SUSE-SA:2005:006) The last two squid updates from February the 1st and 10th fix several vulnerabilities. The impact of them range from remote denial-of-service over cache poisoning to possible remote command execution. http://www.linuxsecurity.com/content/view/118241 *SuSE: mailman remote file disclosure Due to incomplete input validation the "private" CGI script which handles archive retrieval could be used to read any file on the system, including the configuration database of the mailman lists which include passwords in plain text. A remote attacker just needs a valid account on one mailing list managed by this mailman instance. http://www.linuxsecurity.com/content/view/118279