May 17th 2004
11 issues handled (SF)
1. Sun Java Runtime Environment Unspecified Remote Denial Of Se...
2. Linux Kernel Local IO Access Inheritance Vulnerability
3. Icecast Server Base64 Authorization Request Remote Buffer Ov...
4. National Science Foundation Squid Proxy Internet Access Cont...
5. EMule Web Control Panel Denial Of Service Vulnerability
6. Linux Kernel SCTP_SetSockOpt Integer Overflow Vulnerability
7. Linux Kernel Serial Driver Proc File Information Disclosure ...
8. Linux Kernel STRNCPY Information Leak Vulnerability
9. Opera Web Browser Address Bar Spoofing Weakness
10. Triornis ZoneMinder Multiple Remote Buffer Overflow Vulnerab..
11. Opera Web Browser Telnet URI handler Arbitrary File Creation...


May 17th 2004
21 out of 51 issues handled (ISS)
1. NukeJokes multiple path disclosure
2. NukeJokes modules.php cross-site scripting
3. NukeJokes SQL injection
4. FreeBSD kernel denial of service
5. Icecast authorization request buffer overflow
6. Linux kernel exit_thread allows elevated privileges
7. phpShop $base_dir file include
8. Systrace allows elevated privileges
9. Linux Kernel sctp_setsockopt integer buffer overflow
10. BEA WebLogic Server and Express bypass server policy
11. BEA WebLogic Server and Express unauthorized access to Web applications
12. Surfboard long argument buffer overflow
13. Opera onUnload URL spoofing
14. ZoneMinder zms buffer overflow
15. Opera Telnet file overwrite
16. mah-jong NULL pointer denial of service
17. Ethereal SIP packet denial of service
18. Ethereal AIM dissector denial of service
19. Ethereal SPNEGO dissector denial of service
20. Ethereal MMSE dissector buffer overflow
21. Squid Web Proxy Cache send URL to bypass security


May 21st 2004
25 issues across 8 distros (LAW)
heimdal
cvs
neon
cadaver
libpng
iproute
lha
mailman
kdelibs
tcpdump
utempter
subversion
ipsec-tools
exim
Pound
ProFTPD
Icecast
KDE
libuser
passwd
apache
libneon
mc
rsync
kernel

Security Focus

1. Sun Java Runtime Environment Unspecified Remote Denial Of Se...
BugTraq ID: 10301
Remote: Yes
Date Published: May 07 2004
Relevant URL: http://www.securityfocus.com/bid/10301
Summary:
It has been reported that Sun's Java Runtime Environment, as well as the Java Software Development Kit are affected by an unspecified, remote denial of service vulnerability. This issue would allow an attacker to cause the affected JRE to become unresponsive, denying service to legitimate users.

2. Linux Kernel Local IO Access Inheritance Vulnerability
BugTraq ID: 10302
Remote: No
Date Published: May 07 2004
Relevant URL: http://www.securityfocus.com/bid/10302
Summary:
It has been reported that the Linux Kernel is affected by an IO access inheritance vulnerability. This issue is due to an access validation error that fails to invalidate all io_bitmap pointers before a process exits. This issue could allow local users to lock up the affected system, denying service to legitimate users. This issue might also allow an attacker to gain escalated privileges.

3. Icecast Server Base64 Authorization Request Remote Buffer Ov...
BugTraq ID: 10311
Remote: Yes
Date Published: May 10 2004
Relevant URL: http://www.securityfocus.com/bid/10311
Summary:
It has been reported that Icecast server may be prone to a remote buffer overflow vulnerability when processing an excessively long base64 authentication request. A remote attacker could execute arbitrary code in the context of the server leading to unauthorized access. This issue is reported to exist in Icecast 2.0.0, however, it is possible that previous versions are affected as well.

4. National Science Foundation Squid Proxy Internet Access Cont...
BugTraq ID: 10315
Remote: Yes
Date Published: May 10 2004
Relevant URL: http://www.securityfocus.com/bid/10315
Summary:
Squid proxy has been reported to be affected by an Internet access control bypass vulnerability. This issue is caused by a failure of the application to properly handle access controls when evaluating malformed URI requests. This issue is reported to affect version 2.3.STABLE5 of the software, it is likely however that other versions are also affected. This issue would allow users that are restricted from accessing Internet-based resources to access arbitrary web sites.

5. EMule Web Control Panel Denial Of Service Vulnerability
BugTraq ID: 10317
Remote: Yes
Date Published: May 10 2004
Relevant URL: http://www.securityfocus.com/bid/10317
Summary:
It has been reported that eMule's Web Control Panel is susceptible to a remote denial of service vulnerability. This issue is reportedly triggered by sending malformed requests to the web interface. Upon processing malformed requests, the affected application will crash, denying service to legitimate users.

6. Linux Kernel SCTP_SetSockOpt Integer Overflow Vulnerability
BugTraq ID: 10326
Remote: No
Date Published: May 11 2004
Relevant URL: http://www.securityfocus.com/bid/10326
Summary:
An integer overflow vulnerability has been reported in the sctp_setsockopt() system call of the Linux kernel. This issue is related to the code for handling the SCTP_SOCKOPT_DEBUG_NAME socket option. The issue presents itself in the sctp_setsockopt() function of the net/sctp/socket.c source file, due to a lack of sufficient validation performed on user supplied integer values. This vulnerbaility may result in the allocation of a zero byte chunk in kernel memory space. Likely resulting in a kernel panic. The issue may also potentially be exploited however to compromise the system. This vulnerability is reported to affect Linux kernel versions up to and including version 2.4.25.

7. Linux Kernel Serial Driver Proc File Information Disclosure ...
BugTraq ID: 10330
Remote: No
Date Published: May 12 2004
Relevant URL: http://www.securityfocus.com/bid/10330
Summary:
It has been reported that the Linux kernel is prone to a serial driver proc file information disclosure vulnerability. This issue is due to a design error that allows unprivileged access to potentially sensitive information. This issue might allow an attacker to gain access to sensitive information such as user password lengths.

8. Linux Kernel STRNCPY Information Leak Vulnerability
BugTraq ID: 10331
Remote: No
Date Published: May 12 2004
Relevant URL: http://www.securityfocus.com/bid/10331
Summary:
This issue is reported to affect the vulnerable kernel only on platforms other than x86. It has been reported that the Linux kernel is prone to a 'strncpy()' information leak vulnerability. This issue is due to a failure of the libc code to properly implement the offending function on platforms other than x86. This issue might lead to information leakage, potentially facilitating further attacks against an affected system or process.

9. Opera Web Browser Address Bar Spoofing Weakness
BugTraq ID: 10337
Remote: Yes
Date Published: May 13 2004
Relevant URL: http://www.securityfocus.com/bid/10337
Summary:
Opera Web Browser is prone to a security weakness that may permit malicious web pages to spoof address bar information. This is reportedly possible through malicious use of the JavaScript "unOnload" event handler when the browser is redirected to another page. This issue could be exploited to spoof the domain of a malicious web page, potentially causing the victim user to trust the spoofed domain. The vulnerability reportedly affects Opera 7.23 releases on Windows and Linux platforms. Earlier versions may also be affected.

10. Triornis ZoneMinder Multiple Remote Buffer Overflow Vulnerab...
BugTraq ID: 10340
Remote: Yes
Date Published: May 13 2004
Relevant URL: http://www.securityfocus.com/bid/10340
Summary:
Reportedly ZoneMinder is affected by multiple remote buffer overflow vulnerabilities, potentially leading to unauthorized access. These issues are due to a failure of the application to properly validate buffer boundaries when processing user input. These issues could allow a remote attacker to execute arbitrary code in the context of the affected software, which could lead to unauthorized access.

11. Opera Web Browser Telnet URI handler Arbitrary File Creation...
BugTraq ID: 10341
Remote: Yes
Date Published: May 13 2004
Relevant URL: http://www.securityfocus.com/bid/10341
Summary:
It has been reported that Opera web browser is prone to a vulnerability that may allow a remote attacker to create and modify arbitrary files on a system. The vulnerability presents itself because the telnet URI handler in Opera fails to sanitize user-supplied input. Specifically, if a '-' character is present at the beginning of a host name, options may be passed to the telnet program to carry out an attack remotely.Opera version 7.23 is reported to be affected by this issue. Earlier versions may also be affected.

**It has been reported that various web browsers are affected by this issue. The affected products include Apple Safari, Microsoft Internet Explorer, Mozilla Firefox, OmniWeb, iCab, TrailBlazer, and possibly others. These applications are currently undergoing further review and individual BIDs will be created when more information becomes available.

Internet Security Systems


1. Date Reported: 05/08/2004
Brief Description: NukeJokes multiple path disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, NukeJokes 1.7, NukeJokes 2 Beta
Vulnerability: nukejokes-multiple-path-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/16094


2. Date Reported: 05/08/2004
Brief Description: NukeJokes modules.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, NukeJokes 1.7, NukeJokes 2 Beta
Vulnerability: nukejokes-modules-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/16096


3. Date Reported: 05/08/2004
Brief Description: NukeJokes SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, NukeJokes 1.7, NukeJokes 2 Beta
Vulnerability: nukejokes-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/16099


4. Date Reported: 05/07/2004
Brief Description: FreeBSD kernel denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: FreeBSD 4.x, FreeBSD 5.x
Vulnerability: freebsd-kernel-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16100


5. Date Reported: 05/09/2004
Brief Description: Icecast authorization request buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Icecast 2.0.0, Linux Any version, Windows Any version
Vulnerability: icecast-auth-request-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16103


6. Date Reported: 05/07/2004
Brief Description: Linux kernel exit_thread allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Linux kernel 2.6.5
Vulnerability: linux-exitthread-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/16106


7. Date Reported: 05/09/2004
Brief Description: phpShop $base_dir file include
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, phpShop 0.7.1 and prior, Windows
2000 Any version, Windows NT Any version
Vulnerability: phpshop-basedir-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/16107


8. Date Reported: 05/10/2004
Brief Description: Systrace allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: FreeBSD Ports Collection Any version, NetBSD Any version
Vulnerability: systrace-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/16110


9. Date Reported: 05/11/2004
Brief Description: Linux Kernel sctp_setsockopt integer buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Linux kernel 2.4.23-pre5 -
2.4.25, Trustix Secure Enterprise Linux 2, Trustix
Secure Linux 2.0, Trustix Secure Linux 2.1
Vulnerability: linux-sctpsetsockopt-integer-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16117


10. Date Reported: 05/11/2004
Brief Description: BEA WebLogic Server and Express bypass server policy
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, WebLogic Server
and Express 7.0 through SP5, WebLogic Server and
Express 8.1 through 8.1 SP2
Vulnerability: weblogic-server-policy-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/16121


11. Date Reported: 05/11/2004
Brief Description: BEA WebLogic Server and Express unauthorized access to Web applications
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, WebLogic Server
and Express 7.0 through SP5, WebLogic Server and
Express 8.1 through 8.1 SP2
Vulnerability: weblogic-application-unauth-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/16123


12. Date Reported: 05/11/2004
Brief Description: Surfboard long argument buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Surfboard 1.1.6, Unix Any version
Vulnerability: surfboard-long-argument-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16124


13. Date Reported: 05/13/2004
Brief Description: Opera onUnload URL spoofing
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Opera 7.23, Windows Any version
Vulnerability: opera-onunload-url-spoofing
X-Force URL: http://xforce.iss.net/xforce/xfdb/16131


14. Date Reported: 05/12/2004
Brief Description: ZoneMinder zms buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, ZoneMinder prior to 1.19.2
Vulnerability: zoneminder-zms-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16136


15. Date Reported: 05/12/2004
Brief Description: Opera Telnet file overwrite
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Opera 7.23, Windows Any version
Vulnerability: opera-telnet-file-overwrite
X-Force URL: http://xforce.iss.net/xforce/xfdb/16139


16. Date Reported: 05/13/2004
Brief Description: mah-jong NULL pointer denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Debian Linux 3.0, Mah-Jong Any version
Vulnerability: mah-jong-null-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16143


17. Date Reported: 05/13/2004
Brief Description: Ethereal SIP packet denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, Ethereal 0.10.3
Vulnerability: ethereal-sip-packet-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16148


18. Date Reported: 05/13/2004
Brief Description: Ethereal AIM dissector denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, Ethereal 0.10.3
Vulnerability: ethereal-aim-dissector-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16150


19. Date Reported: 05/13/2004
Brief Description: Ethereal SPNEGO dissector denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, Ethereal 0.9.8 through 0.10.3
Vulnerability: ethereal-spnego-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16151


20. Date Reported: 05/13/2004
Brief Description: Ethereal MMSE dissector buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Any operating system Any version, Ethereal 0.10.1 -0.10.3
Vulnerability: ethereal-mmse-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16152


21. Date Reported: 05/10/2004
Brief Description: Squid Web Proxy Cache send URL to bypass security
Risk Factor: Medium
Attack Type: Network Based
Platforms: Squid Web Proxy Cache 2.3STABLE5, Unix Any version
Vulnerability: squid-url-bypass-security
X-Force URL: http://xforce.iss.net/xforce/xfdb/16153

Linux Advisory Watch


Distribution: Debian

5/18/2004 - heimdal
Buffer overflow vulnerability
This problem could perhaps be exploited to cause the daemon to
read a negative amount of data which could lead to unexpected
behaviour.
http://www.linuxsecurity.com/advisor...sory-4347.html

5/19/2004 - cvs
Heap overflow vulnerability
Stefan Esser discovered a heap overflow in the CVS server, which
serves the popular Concurrent Versions System.
http://www.linuxsecurity.com/advisor...sory-4375.html

5/19/2004 - neon
Heap overflow vulnerability
User input is copied into variables not large enough for all
cases. This can lead to an overflow of a static heap variable.
http://www.linuxsecurity.com/advisor...sory-4376.html

5/19/2004 - cadaver
Heap overflow vulnerability
User input is copied into variables not large enough for all
cases. This can lead to an overflow of a static heap variable.
http://www.linuxsecurity.com/advisor...sory-4377.html


Distribution: Fedora

5/14/2004 - libpng
1.2.2 Information leak vulnerability
Fixes a possible out-of-bounds read in the error message handler.
http://www.linuxsecurity.com/advisor...sory-4340.html

5/14/2004 - libpng
1.0.13 Information leak
Fixes a possible out-of-bounds read in the error message handler.
http://www.linuxsecurity.com/advisor...sory-4341.html

5/14/2004 - iproute
Denial of service vulnerability
iproute 2.4.7 and earlier allows local users to cause a denial of
service via spoofed messages as other users to the kernel netlink
interface.
http://www.linuxsecurity.com/advisor...sory-4342.html

5/14/2004 - lha
Multiple vulnerabilities
Ulf Hrnhammar discovered two stack buffer overflows and two
directory traversal flaws in LHA.
http://www.linuxsecurity.com/advisor...sory-4343.html

5/18/2004 - mailman
Cross-site scripting vulnerability
A cross-site scripting (XSS) vulnerability exists in the admin CGI
script for Mailman before 2.1.4.
http://www.linuxsecurity.com/advisor...sory-4353.html

5/18/2004 - neon
Format string vulnerabilities
Exploiting these bugs may allow remote malicious WebDAV servers to
execute arbitrary code.
http://www.linuxsecurity.com/advisor...sory-4354.html

5/18/2004 - cvs
Chroot escape vulnerability
The client for CVS before 1.11.15 allows a remote malicious CVS
server to create arbitrary files by using absolute pathnames
during checkouts or updates.
http://www.linuxsecurity.com/advisor...sory-4355.html

5/18/2004 - kdelibs
Multiple vulnerabilities
An attacker could create a carefully crafted link such that when
opened by a victim it creates or overwrites a file in the victims
home directory.
http://www.linuxsecurity.com/advisor...sory-4356.html

5/19/2004 - tcpdump
Denial of service vulnerability
Upon receiving specially crafted ISAKMP packets, TCPDUMP would try
to read beyond the end of the packet capture buffer and
subsequently crash.
http://www.linuxsecurity.com/advisor...sory-4368.html

5/19/2004 - utempter
Insecure temporary file vulnerability
An updated utempter package that fixes a potential symlink
vulnerability is now available.
http://www.linuxsecurity.com/advisor...sory-4369.html

5/19/2004 - kdelibs
Insufficient input sanitation
An attacker could create a carefully crafted link such that when
opened by a victim it creates or overwrites a file in the victims
home directory.
http://www.linuxsecurity.com/advisor...sory-4370.html

5/19/2004 - cvs
Heap overflow vulnerability
Stefan Esser discovered a flaw in cvs where malformed "Entry"
lines could cause a heap overflow.
http://www.linuxsecurity.com/advisor...sory-4371.html

5/19/2004 - neon
Heap overflow vulnerability
An attacker could create a malicious WebDAV server in such a way
as to allow arbitrary code execution on the client, such as
cadaver.
http://www.linuxsecurity.com/advisor...sory-4372.html

5/19/2004 - subversion
Buffer overflow vulnerability
An attacker could send malicious requests to a Subversion server
and perform arbitrary execution of code.
http://www.linuxsecurity.com/advisor...sory-4373.html

5/19/2004 - ipsec-tools Denial of service vulnerability
Buffer overflow vulnerability
A crafted ISAKMP header can cause racoon to crash.
http://www.linuxsecurity.com/advisor...sory-4374.html


Distribution: FreeBSD

5/19/2004 - cvs
Heap overflow vulnerability
Malformed data can cause a heap buffer to overflow, allowing the
client to overwrite arbitrary portions of the server's memory.
http://www.linuxsecurity.com/advisor...sory-4367.html

Distribution: Gentoo

5/14/2004 - exim
Buffer overflow vulnerabiity
When the verify=header_syntax option is set, there is a buffer
overflow in Exim that allows remote execution of arbitrary code.
http://www.linuxsecurity.com/advisor...sory-4344.html

5/14/2004 - libpng
Denial of service vulnerability
A bug in the libpng library can be abused using a crafted .png to
crash programs making use of that library.
http://www.linuxsecurity.com/advisor...sory-4345.html

5/19/2004 - Pound
Format string vulnerability
There is a format string flaw in Pound, allowing remote execution
of arbitrary code with the rights of the Pound process.
http://www.linuxsecurity.com/advisor...sory-4363.html

5/19/2004 - ProFTPD
ACL bypass vulnerability
Version 1.2.9 of ProFTPD introduced a vulnerability that causes
CIDR-based Access Control Lists automatically allow remote users
full access to available files.
http://www.linuxsecurity.com/advisor...sory-4364.html

5/19/2004 - Icecast
Denial of service vulnerability
Icecast is vulnerable to a denial of service attack allowing
remote users to crash the application.
http://www.linuxsecurity.com/advisor...sory-4365.html

5/19/2004 - KDE
Insufficient input sanitation
Vulnerabilities in KDE URI handlers makes your system vulnerable
to various attacks.
http://www.linuxsecurity.com/advisor...sory-4366.html


Distribution: Mandrake

5/18/2004 - libuser
Denial of service vulnerability
Steve Grubb discovered a number of problems in the libuser library
that can lead to a crash in applications linked to it, or
possibly write 4GB of garbage to the disk.
http://www.linuxsecurity.com/advisor...sory-4350.html

5/18/2004 - passwd
Multiple vulnerabilities
Passwords given to passwd via stdin are one character shorter than
they are supposed to be. He also discovered that pam may not have
been sufficiently initialized to ensure safe and proper operation.
http://www.linuxsecurity.com/advisor...sory-4351.html

5/18/2004 - apache
Multiple vulnerabilities
Patch fixes four seperate apache vulnerabilities.
http://www.linuxsecurity.com/advisor...sory-4352.html

5/19/2004 - kdelibs
Insufficient input sanitation
This vulnerability can allow remote attackers to create or
truncate arbitrary files.
http://www.linuxsecurity.com/advisor...sory-4360.html

5/19/2004 - cvs
Buffer overflow vulnerability
Stefan Esser discovered that malformed "Entry" lines can be used
to overflow malloc()ed memory in a way that can be remotely
exploited.
http://www.linuxsecurity.com/advisor...sory-4361.html

5/19/2004 - libneon
Heap overflow vulnerability
It was discovered that in portions of neon can be used to overflow
a static heap variable.
http://www.linuxsecurity.com/advisor...sory-4362.html


Distribution: Red Hat

5/18/2004 - kdelibs
Multiple vulnerabilities
Updated kdelibs packages that fix telnet URI handler and mailto
URI handler file vulnerabilities are now available.
http://www.linuxsecurity.com/advisor...sory-4348.html

5/19/2004 - cvs
Buffer overflow vulnerability
An updated cvs package that fixes a server vulnerability that
could be exploited by a malicious client is now available.
http://www.linuxsecurity.com/advisor...sory-4358.html

5/19/2004 - cadaver
Heap overflow vulnerability
An updated cadaver package is now available that fixes a
vulnerability in neon which could be exploitable by a malicious
DAV server.
http://www.linuxsecurity.com/advisor...sory-4359.html

5/19/2004 - mc
Multiple vulnerabilities
Updated mc packages that resolve several buffer overflow
vulnerabilities, one format string vulnerability and several
temporary file creation vulnerabilities are now available.
http://www.linuxsecurity.com/advisor...sory-4378.html

5/19/2004 - rsync
Chroot escape vulnerability
An updated rsync package that fixes a directory traversal security
flaw is now available.
http://www.linuxsecurity.com/advisor...sory-4379.html

5/19/2004 - libpng
Denial of service vulnerability
An attacker could carefully craft a PNG file in such a way that it
would cause an application linked to libpng to crash when opened
by a victim.
http://www.linuxsecurity.com/advisor...sory-4380.html


Distribution: Slackware

5/17/2004 - mc
Multiple vulnerabilities
These could lead to a denial of service or the execution of
arbitrary code as the user running mc.
http://www.linuxsecurity.com/advisor...sory-4346.html

5/18/2004 - kdelibs
Multiple vulnerabilities
The telnet, rlogin, ssh and mailto URI handlers in KDE do not do
sufficient argument checking, allowing improper passing of
arguments.
http://www.linuxsecurity.com/advisor...sory-4349.html


Distribution: SuSE

5/14/2004 - mc
Multiple vulnerabilities
This patch fixes buffer overflows, temporary file problems and
format string bugs associated with Midnight Commander.
http://www.linuxsecurity.com/advisor...sory-4339.html

5/19/2004 - cvs
Buffer overflow vulnerability
Stefan Esser reported buffer overflow conditions within the cvs
program.
http://www.linuxsecurity.com/advisor...sory-4357.html


Distribution: Trustix

5/14/2004 - apache
Multiple vulnerabilities
This patch addresses a wide variety of known apache
vulnerabilities.
http://www.linuxsecurity.com/advisor...sory-4337.html

5/14/2004 - kernel
Privilege escalation vulnerability
Patch corrects a local root exploit.
http://www.linuxsecurity.com/advisor...sory-4338.html