LinuxQuestions.org
Old 10-04-2004, 01:33 AM   #1
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
LQ Security Report - October 4th 2004


Oct 7th 2004
106 issues handled (SN)
Mandrake update for xine-lib
SuSE update for mozilla
HP VirtualVault / Webproxy mod_ssl Format String
Mozilla Application Suite for Tru64 UNIX Multiple
Gentoo update for netkit-telnetd
Red Hat update for XFree86
Red Hat update for mozilla
AIX Network Authentication Service Multiple Vulnerabilities
Mac OS X Security Update Fixes Multiple Vulnerabilities
Gentoo update for PHP
Red Hat update for kdelibs/kdebase
Red Hat update for squid
Debian update for libapache-mod-dav
Red Hat update for spamassassin
Gentoo update for subversion
Fedora update for squid
Debian update for samba
SuSE update for samba
Red Hat update for samba
Mandrake update for samba
distcc IP-based Access Control Rules Security Bypass
Trustix update for samba
Samba Arbitrary File Access Vulnerability
Debian update for net-acct
Sun Solaris update for gzip
Fedora update for cups
CUPS Logfile User Credentials Disclosure
Slackware update for getmail
Gentoo update for netpbm
FreeBSD syscons Kernel Memory Disclosure Vulnerability
Debian freenet6 Insecure Configuration File Permissions
Red Hat update for ruby
Trustix Linux Multiple Packages Insecure Temporary File
spider "read_file()" Potential Privilege Escalation
PHPLinks SQL Injection and Arbitrary Local File Inclusion
AWS MySQLguest Script Insertion Vulnerability
BugPort Unspecified Attachment Handling Vulnerability
Real Estate Management Software Unspecified Vulnerabilities
Online Recruitment Agency Unspecified Vulnerabilities
yappa-ng Unspecified "Show Random Image" Vulnerability
Mozilla Firefox Download Directory File Deletion
Silent Storm Portal Cross-Site Scripting and Security Bypass
IBM Trading Partner Interchange Arbitrary File Access
w-Agora Multiple Vulnerabilities
bBlog "p" SQL Injection Vulnerability
DB2 Universal Database Multiple Vulnerabilities
Invision Power Board Referer Header Cross-Site Scripting
My Blog Unspecified Cross-Site Scripting Vulnerabilities
Online-Bookmarks Security Bypass Vulnerability
Xerces-C++ XML Parser Denial of Service Vulnerability
Macromedia ColdFusion MX Security Bypass Vulnerability
MediaWiki "raw" Page Output Mode Cross-Site Scripting
MaxDB Web Agent "Server" Field Denial of Service


September 28th 2004
11 issues handled (SF)
1. Jörg Schilling SDD Remote Tape Support Client Undisclosed V...
2. Tutos Multiple Remote Input Validation Vulnerabilities
3. FreeRADIUS Access-Request Denial Of Service Vulnerability
4. Getmail Local Symbolic Link Vulnerability
5. Jabber Studio JabberD Remote Denial Of Service Vulnerability
6. YaBB 1 Gold Multiple Input Validation Vulnerabilities
7. Apache Satisfy Directive Access Control Bypass Vulnerability
8. Red Hat redhat-config-nfs Exported Shares Configuration Vuln...
9. Subversion Mod_Authz_Svn Metadata Information Disclosure Vul...
10. Macromedia JRun Multiple Remote Vulnerabilities
11. Zinf Malformed Playlist File Remote Buffer Overflow Vulnerab...

September 30th 2004
17 issues handled (SN)
1. AIX libXm.a Multiple Vulnerabilities
2. Conectiva update for imlib/imlib2
3. Gentoo update for xorg-x11/xfree
4. LessTif XPM Library Image Decoding Vulnerabilities
5. SGI IRIX update for kernel
6. Debian sendmail sasl-bin Mail Relaying Security Issue
7. Conectiva update for apache
8. Fedora update for httpd
9. Gentoo update for apache
10. fprobe "change user" Feature Unspecified Security Issue
11. Fedora update for subversion
12. Fedora update for cups
13. Conectiva update for kernel
14. Mandrake update for openoffice.org
15. IBM Products ctstrtcasd Local File Corruption Vulnerability
16. Debian update for getmail
17. Gentoo update for getmail

October 1st 2004
18 issues handled (LAW)
1. kernel - vulnerability fix
2. imlib and imlib2 - fix for a buffer overflow
3. getmail - symlink vulnerability
4. sendmail - pre-set password
5. vnc - update fixes several bugs
6. CUPS - update fixes a denial of service problem
7. system-config-display - update fixes reconfig mode
8. cadaver - security vulnerabilities
9. tcpdump - multiple security vulnerabilities
10. freenet6 - wrong file permissions
11. apache - Exposure of protected directories
12. X.org, XFree86 - Integer and stack overflows in libXpm
13. subversion - Metadata information leak
14. sharutils - Buffer overflows
15. webmin - vulnerability
16. NetPBM - update fixes a number of temporary file bugs
17. Openoffice.org - update fixes temporary file vulnerabilities
18. gettext, ghostscript, glibc, groff, gzip, kerberos5, lvm,
mysql, netatalk, openssl, perl, postgresql - Insecure tempfile
handling update fixes a number of temporary file bugs

Last edited by unSpawn; 10-08-2004 at 03:06 PM.
 
Old 10-04-2004, 01:36 AM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Original Poster
Rep: Reputation: 57
September 28th 2004 (SF)

Security Focus

1. Jörg Schilling SDD Remote Tape Support Client Undisclosed V...
BugTraq ID: 11217
Remote: Unknown
Date Published: Sep 18 2004
Relevant URL: http://www.securityfocus.com/bid/11217
Summary:
Jörg Schilling sdd is reported prone to an undisclosed vulnerability. The issue is reported to present itself in the RMT client. This BID will be updated as soon as further analysis of this vulnerability is completed.

2. Tutos Multiple Remote Input Validation Vulnerabilities
BugTraq ID: 11221
Remote: Yes
Date Published: Sep 20 2004
Relevant URL: http://www.securityfocus.com/bid/11221
Summary:
Tutos is reported prone to multiple remote input validation vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and SQL injection attacks. These issues reportedly affect Tutos 1.1.2004-04-14.

3. FreeRADIUS Access-Request Denial Of Service Vulnerability
BugTraq ID: 11222
Remote: Yes
Date Published: Sep 20 2004
Relevant URL: http://www.securityfocus.com/bid/11222
Summary:
Reportedly FreeRADIUS is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle malformed packets. An attacker may leverage this issue to cause the affected server to crash, denying service to legitimate users.

4. Getmail Local Symbolic Link Vulnerability
BugTraq ID: 11224
Remote: No
Date Published: Sep 20 2004
Relevant URL: http://www.securityfocus.com/bid/11224
Summary:
Reportedly getmail is affected by a local symbolic link vulnerability. This issue is due to a failure of the application to validate files prior to writing to them. An attacker may leverage this issue to cause arbitrary files to be written to with the privileges of a user that sends messages to an attacker-controlled file. This may facilitate privilege escalation or destruction of data.

5. Jabber Studio JabberD Remote Denial Of Service Vulnerability
BugTraq ID: 11231
Remote: Yes
Date Published: Sep 21 2004
Relevant URL: http://www.securityfocus.com/bid/11231
Summary:
Jabber Studio jabberd is reportedly affected by a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle malformed network messages. An attacker may leverage this issue by causing the affected server to crash, denying service to legitimate users.

6. YaBB 1 Gold Multiple Input Validation Vulnerabilities
BugTraq ID: 11235
Remote: Yes
Date Published: Sep 22 2004
Relevant URL: http://www.securityfocus.com/bid/11235
Summary:
YaBB 1 Gold is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage a cross-site scripting issue to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the vulnerable site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. An attacker may exploit a HTTP response splitting issue to manipulate or misrepresent pages in the context of the vulnerable site, potentially facilitating phishing attacks.

7. Apache Satisfy Directive Access Control Bypass Vulnerability
BugTraq ID: 11239
Remote: Yes
Date Published: Sep 23 2004
Relevant URL: http://www.securityfocus.com/bid/11239
Summary:
Apache Web Server is reportedly affected by an access control bypass vulnerability. This issue presents itself due to an unspecified error in the merging of the 'Satisfy' directive. As a result, a remote attacker may bypass access controls and gain unauthorized access to restricted resources. It is reported that this issue only affects Apache 2.0.51. Due to a lack of details, further information is not available at the moment. This BID will be updated as more information becomes available.

8. Red Hat redhat-config-nfs Exported Shares Configuration Vuln...
BugTraq ID: 11240
Remote: Yes
Date Published: Sep 23 2004
Relevant URL: http://www.securityfocus.com/bid/11240
Summary:
Red Hat redhat-config-nfs is affected by an exported shares configuration vulnerability. These issues are due to a failure of the application to apply proper settings to the affected network file system (NFS) shares. This issue would cause some NFS options, such as 'all_squash', to fail to be applied, potentially giving administrators a false sense of security.

9. Subversion Mod_Authz_Svn Metadata Information Disclosure Vul...
BugTraq ID: 11243
Remote: Yes
Date Published: Sep 23 2004
Relevant URL: http://www.securityfocus.com/bid/11243
Summary:
It is reported that Subversion's mod_authz_svn module is susceptible to an information disclosure vulnerability. This vulnerability presents itself when paths that are marked as unreadable are accessed by particular Subversion client commands. It is reportedly possible to disclose the existence of files that are inaccessible to users. Under certain circumstances it may also be possible to disclose commit log messages, or even the contents of files that are configured to be inaccessible to users. This vulnerability is reported to exist in versions prior to 1.0.8 and 1.1.0-rc4.

10. Macromedia JRun Multiple Remote Vulnerabilities
BugTraq ID: 11245
Remote: Yes
Date Published: Sep 24 2004
Relevant URL: http://www.securityfocus.com/bid/11245
Summary:
Multiple vulnerabilities have been reported in Macromedia JRun. The first vulnerability is reported to exist in an insecure implementation of a session variable, 'JSESSIONID'. This vulnerability allows remote attackers to bypass authentication checks, and possibly allow them to gain administrative access to the web application. The second issue is a source code disclosure vulnerability. This vulnerability allows attackers to retrieve the contents of potentially sensitive script files. This may aid them in further attacks. The third issue is a buffer overflow vulnerability allowing remote attackers to reportedly crash affected servers. Versions 3.0, 3.1, and 4.0 are reportedly affected by these vulnerabilities.

11. Zinf Malformed Playlist File Remote Buffer Overflow Vulnerab...
BugTraq ID: 11248
Remote: Yes
Date Published: Sep 24 2004
Relevant URL: http://www.securityfocus.com/bid/11248
Summary:
Zinf is reported prone to a remote buffer overflow vulnerability when processing malformed playlist files. This issue exists due to insufficient boundary checks performed by the application and may allow an attacker to gain unauthorized access to a vulnerable computer. Reportedly, this issue affects Zinf version 2.2.1 for Windows. Zinf version 2.2.5 for Linux is reportedly fixed, however, this is not confirmed at the moment.

Last edited by Capt_Caveman; 10-04-2004 at 01:39 AM.
 
Old 10-04-2004, 01:38 AM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Original Poster
Rep: Reputation: 57
September 30th 2004 (SN)

Secunia

[SA12677] AIX libXm.a Multiple Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-09-29

IBM has acknowledged some vulnerabilities in AIX, which potentially can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12677/

--

[SA12675] Conectiva update for imlib/imlib2

Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-09-28

Conectiva has issued updates for imlib and imlib2. These fix some
vulnerabilities, which potentially can be exploited by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12675/

--

[SA12653] Gentoo update for xorg-x11/xfree

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-09-27

Gentoo has issued updates for xorg-x11 and xfree. These fix multiple
vulnerabilities, which potentially can be exploited by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12653/

--

[SA12652] LessTif XPM Library Image Decoding Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-09-27

Multiple vulnerabilities have been reported in LessTif, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12652/

--

[SA12682] SGI IRIX update for kernel

Critical: Moderately critical
Where: From remote
Impact: Spoofing, Manipulation of data, DoS
Released: 2004-09-29

SGI has issued patches for IRIX. These fix multiple vulnerabilities in
the kernel, which can be exploited to cause a DoS (Denial of Service),
inject data into a TCP stream, and conduct spoofing attacks.

Full Advisory:
http://secunia.com/advisories/12682/

--

[SA12667] Debian sendmail sasl-bin Mail Relaying Security Issue

Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-09-28

Debian has issued an update for sendmail. This fixes a security issue,
which can be exploited by malicious people to use a vulnerable system
as an open mail relay.

Full Advisory:
http://secunia.com/advisories/12667/

--

[SA12646] Conectiva update for apache

Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2004-09-24

Conectiva has issued an update for apache. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service), gain escalated privileges, and potentially compromise a
system.

Full Advisory:
http://secunia.com/advisories/12646/

--

[SA12644] Fedora update for httpd

Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Privilege escalation, DoS
Released: 2004-09-24

Fedora has issued an update for httpd. This fixes some vulnerabilities,
which can be exploited to gain escalated privileges, cause a DoS
(Denial of Service) or access restricted resources.

Full Advisory:
http://secunia.com/advisories/12644/

--

[SA12641] Gentoo update for apache

Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-09-24

Gentoo has issued an update for apache. This fixes a security issue,
which may allow malicious people to bypass configured access controls.

Full Advisory:
http://secunia.com/advisories/12641/

--

[SA12648] fprobe "change user" Feature Unspecified Security
Issue

Critical: Moderately critical
Where: From local network
Impact: Unknown
Released: 2004-09-27

A security issue with an unknown impact has been reported in fprobe.

Full Advisory:
http://secunia.com/advisories/12648/

--

[SA12643] Fedora update for subversion

Critical: Less critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-09-24

Fedora has issued an update for subversion. This fixes a security
issue, which can be exploited by malicious people to disclose
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/12643/

--

[SA12681] Fedora update for cups

Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-09-29

Fedora has issued an update for CUPS. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12681/

--

[SA12663] Conectiva update for kernel

Critical: Less critical
Where: From local network
Impact: Manipulation of data
Released: 2004-09-27

Conectiva has issued an update for the kernel. This fixes a
vulnerability, which can be exploited by malicious users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12663/

--

[SA12668] Mandrake update for openoffice.org

Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-09-28

MandrakeSoft has issued an update for openoffice.org. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12668/

--

[SA12664] IBM Products ctstrtcasd Local File Corruption Vulnerability

Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2004-09-28

iDEFENSE Labs has reported a vulnerability in various IBM products,
which can be exploited by malicious, local users to conduct certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12664/

--

[SA12657] Debian update for getmail

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-09-27

Debian has issued an update for getmail. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12657/

--

[SA12645] Gentoo update for getmail

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-09-24

Gentoo has issued an update for getmail. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12645/
 
Old 10-04-2004, 01:41 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Original Poster
Rep: Reputation: 57
October 1st 2004 (LAW)

Linux Advisory Watch

Distribution: Conectiva

9/27/2004 - kernel vulnerability fix
This announcement fixes a missing[1] Discretionary Access Control
(DAC) check in the chown system call that allowed a local user to
change the group ownership of arbitrary files to a group that he
or she belongs to, leading to a privilege escalation
vulnerability.
http://www.linuxsecurity.com/advisor...sory-4868.html

9/28/2004 - imlib and imlib2 Fix for a buffer overflow
Marcus Meissner noticed that due to improper bounds checking,
imlib[3] and imlib2[4] are vulnerable to a buffer overflow when
decoding runlength-encoded bitmaps.
http://www.linuxsecurity.com/advisor...sory-4871.html


Distribution: Debian

9/27/2004 - getmail symlink vulnerability
A security problem has been discovered in getmail, a POP3 and APOP
mail gatherer and forwarder. An attacker with a shell account on
the victim's host could utilise getmail to overwrite arbitrary
files when it is running as root.
http://www.linuxsecurity.com/advisor...sory-4840.html

9/27/2004 - sendmail pre-set password
Hugo Espuny discovered a problem in sendmail, a commonly used
program to deliver electronic mail. When installing "sasl-bin" to
use sasl in connection with sendmail, the sendmail configuration
script uses fixed user/pass information to initialise the sasl
database.
http://www.linuxsecurity.com/advisor...sory-4880.html


Distribution: Fedora

9/28/2004 - vnc update fixes several bugs
This package updates VNC to the latest released version, 4.0. It
also fixes several bugs not fixed upstream.
http://www.linuxsecurity.com/advisor...sory-4872.html

9/28/2004 - CUPS update fixes a denial of service problem
This update fixes a denial of service problem causing loss of
browse services. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0558 to this issue.
http://www.linuxsecurity.com/advisor...sory-4873.html

9/29/2004 - system-config-display update fixes reconfig mode
This release fixes reconfig mode for system-config-display for
Fedora Core 2.
http://www.linuxsecurity.com/advisor...sory-4874.html

9/30/2004 - cadaver security vulnerabilities
Updated cadaver packages that fix multiple security vulnerabilities
are now available.
http://www.linuxsecurity.com/advisor...sory-4878.html

9/30/2004 - tcpdump multiple security vulnerabilities
Updated tcpdump packages that fix multiple security
vulnerabilities are now available.
http://www.linuxsecurity.com/advisor...sory-4879.html

9/30/2004 - freenet6 wrong file permissions
Simon Josefsson noticed that the tspc.conf configuration file in
freenet6, a client to configure an IPv6 tunnel to freenet6.net, is
set world readable.
http://www.linuxsecurity.com/advisor...sory-4881.html


Distribution: Gentoo

9/24/2004 - apache - Exposure of protected directories
A bug in the way Apache handles the Satisfy directive can lead to
the exposure of protected directories to unauthorized users.
http://www.linuxsecurity.com/advisor...sory-4861.html

9/27/2004 - X.org, XFree86 - Integer and stack overflows in libXpm
libXpm, the X Pixmap library that is a part of the X Window
System, contains multiple stack and integer overflows that may
allow a carefully-crafted XPM file to crash applications linked
against libXpm, potentially allowing the execution of arbitrary
code.
http://www.linuxsecurity.com/advisor...sory-4862.html

9/29/2004 - subversion - Metadata information leak
An information leak in mod_authz_svn could allow sensitive
metadata of protected areas to be leaked to unauthorized users.
http://www.linuxsecurity.com/advisor...sory-4877.html

10/1/2004 - sharutils - Buffer overflows
sharutils contains two buffer overflow vulnerabilities that could
lead to arbitrary code execution.
http://www.linuxsecurity.com/advisor...sory-4883.html


Distribution: Mandrake

9/27/2004 - webmin - vulnerability
A vulnerability in webmin was discovered by Ludwig Nussel. A
temporary directory was used in webmin, however it did not check
for the previous owner of the directory.
http://www.linuxsecurity.com/advisor...sory-4851.html

9/28/2004 - NetPBM - update fixes a number of temporary file bugs
A number of temporary file bugs have been found in versions of
NetPBM. These could allow a local user the ability to overwrite or
create files as a different user who happens to run one of the
vulnerable utilities.
http://www.linuxsecurity.com/advisor...sory-4869.html

9/28/2004 - Openoffice.org - update fixes temporary file vulnerabilities
A vulnerability in OpenOffice.org was reported by pmladek where a
local user may be able to obtain and read documents that belong to
another user.
http://www.linuxsecurity.com/advisor...sory-4870.html


Distribution: Trustix

9/30/2004 - gettext, ghostscript, glibc, groff, gzip, kerberos5, lvm,
mysql, netatalk, openssl, perl, postgresql Insecure tempfile
handling update fixes a number of temporary file bugs

Trustix Security Engineers identified that all these packages had
one or more script(s) that handled temporary files in an insecure
manner. While it is not believed that any of these holes could
lead to privilege escalation, it would be possible to trick the
scripts to overwrite data writable by the user that invokes the
script.
http://www.linuxsecurity.com/advisor...sory-4882.html
 
Old 10-08-2004, 03:08 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,679
Blog Entries: 54

Rep: Reputation: 2954
Oct 7th 2004 (SN)

Secunia


[SA12750] Mandrake update for xine-lib

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-10-07

MandrakeSoft has issued an update for xine-lib. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/12750/

[SA12747] SuSE update for mozilla

Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Spoofing, Manipulation of data,
Exposure of sensitive information, DoS, System access
Released: 2004-10-07

SuSE has issued an update for mozilla. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service), spoof content of websites, conduct cross-site scripting
attacks, access and modify sensitive information, or compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12747/

[SA12745] HP VirtualVault / Webproxy mod_ssl Format String
Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-10-06

HP has confirmed a vulnerability in Apache affecting HP VirtualVault
and HP Webproxy, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12745/

[SA12742] Mozilla Application Suite for Tru64 UNIX Multiple
Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, System access
Released: 2004-10-06

HP has confirmed some vulnerabilities in the Mozilla Application Suite
for Tru64 UNIX, which can be exploited to conduct cross-site scripting
attacks, access and modify sensitive information, and compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12742/

[SA12741] Gentoo update for netkit-telnetd

Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-10-06

Gentoo has issued an update for netkit-telnetd. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12741/

[SA12727] Red Hat update for XFree86

Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-10-05

Red Hat has issued an update for XFree86. This fixes multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12727/

[SA12698] Red Hat update for mozilla

Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, System access
Released: 2004-10-01

Red Hat has issued an update for mozilla. This fixes multiple
vulnerabilities, which can be exploited to conduct cross-site scripting
attacks, access and modify sensitive information, and compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12698/

[SA12694] AIX Network Authentication Service Multiple Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-10-01

IBM has acknowledged some vulnerabilities in IBM Network Authentication
Service for AIX, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12694/

[SA12690] Mac OS X Security Update Fixes Multiple Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: Security Bypass, Exposure of system information, Exposure
of sensitive information, DoS, System access
Released: 2004-10-05

Apple has issued a security update for Mac OS X, which fixes various
vulnerabilities.

Full Advisory:
http://secunia.com/advisories/12690/

[SA12739] Gentoo update for PHP

Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, System access
Released: 2004-10-06

Gentoo has issued an update for PHP. This fixes two vulnerabilities,
which can be exploited by malicious people to disclose sensitive
information or potentially upload files to arbitrary locations.

Full Advisory:
http://secunia.com/advisories/12739/

[SA12725] Red Hat update for kdelibs/kdebase

Critical: Moderately critical
Where: From remote
Impact: Hijacking, Spoofing, Privilege escalation
Released: 2004-10-05

Red Hat has issued updates for kdelibs and kdebase. These fix multiple
vulnerabilities, which can be exploited to perform certain actions on a
vulnerable system with escalated privileges, spoof the content of
websites, or hijack sessions.

Full Advisory:
http://secunia.com/advisories/12725/

[SA12699] Red Hat update for squid

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-10-01

Red Hat has issued an update for squid. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12699/

[SA12743] Debian update for libapache-mod-dav

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-10-06

Debian has issued an update for libapache-mod-dav. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12743/

[SA12700] Red Hat update for spamassassin

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-10-01

Red Hat has issued an update for spamassassin. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12700/

[SA12688] Gentoo update for subversion

Critical: Less critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-09-30

Gentoo has issued an update for subversion. This fixes a security
issue, which can be exploited by malicious people to disclose
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/12688/

[SA12754] Fedora update for squid

Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-10-07

Fedora has issued an update for squid. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12754/

[SA12748] Debian update for samba

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-07

Debian has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious users to access arbitrary files and
directories.

Full Advisory:
http://secunia.com/advisories/12748/

[SA12735] SuSE update for samba

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-05

SuSE has issued an update for samba. This fixes a vulnerability, which
can be exploited by malicious users to access arbitrary files and
directories.

Full Advisory:
http://secunia.com/advisories/12735/

[SA12726] Red Hat update for samba

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-05

Red Hat has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious users to access arbitrary files and
directories.

Full Advisory:
http://secunia.com/advisories/12726/

[SA12718] Mandrake update for samba

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-04

MandrakeSoft has issued an update for samba. This fixes a
vulnerability, which can be exploited by malicious users to access
arbitrary files and directories.

Full Advisory:
http://secunia.com/advisories/12718/

[SA12711] distcc IP-based Access Control Rules Security Bypass

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-04

A vulnerability has been reported in distcc, which potentially can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12711/

[SA12707] Trustix update for samba

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-01

Trustix has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious users to access arbitrary files and
directories.

Full Advisory:
http://secunia.com/advisories/12707/

[SA12696] Samba Arbitrary File Access Vulnerability

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-10-01

Karol Wiesek has reported a vulnerability in Samba, which can be
exploited by malicious users to access arbitrary files and
directories.

Full Advisory:
http://secunia.com/advisories/12696/

[SA12746] Debian update for net-acct

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-10-06

Debian has issued an update for net-acct. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12746/

[SA12744] Sun Solaris update for gzip

Critical: Less critical
Where: Local system
Impact: Manipulation of data, Exposure of sensitive information
Released: 2004-10-06

Sun has issued an update for gzip. This fixes a vulnerability, which
can be exploited by malicious, local users to access sensitive
information.

Full Advisory:
http://secunia.com/advisories/12744/

[SA12737] Fedora update for cups

Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-10-06

Fedora has issued an update for cups. This fixes a vulnerability, which
can be exploited by malicious, local users to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/12737/

[SA12736] CUPS Logfile User Credentials Disclosure

Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-10-06

Gary Smith has reported a vulnerability in CUPS, which can be exploited
by malicious, local users to gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12736/

[SA12724] Slackware update for getmail

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-10-05

Slackware has issued an update for getmail. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12724/

[SA12723] Gentoo update for netpbm

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-10-05

Gentoo has issued an update for netpbm. This fixes a vulnerability,
which can be exploited by malicious, local users to escalate their
privileges on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12723/

[SA12722] FreeBSD syscons Kernel Memory Disclosure Vulnerability

Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-10-05

Christer Oberg has reported a vulnerability in FreeBSD, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/12722/

[SA12705] Debian freenet6 Insecure Configuration File Permissions

Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-10-01

Debian has issued an update for freenet6. This fixes a security issue,
which can be exploited by malicious, local users to access sensitive
information.

Full Advisory:
http://secunia.com/advisories/12705/

[SA12701] Red Hat update for ruby

Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-10-01

Red Hat has issued an update for ruby. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12701/

[SA12697] Trustix Linux Multiple Packages Insecure Temporary File
Handling

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-10-01

Trustix has issued updates for multiple packages. These fix some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12697/

[SA12716] spider "read_file()" Potential Privilege Escalation
Vulnerability

Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2004-10-04

Emuadmin Security Team has reported a vulnerability in spider, which
potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/12716/


Cross Platform:--

[SA12738] PHPLinks SQL Injection and Arbitrary Local File Inclusion
Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released: 2004-10-06

LSS Security Team has discovered two vulnerabilities in PHPLinks, which
can be exploited by malicious people to conduct SQL injection attacks
and execute arbitrary local PHP scripts.

Full Advisory:
http://secunia.com/advisories/12738/

[SA12732] AWS MySQLguest Script Insertion Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-10-05

BliZZard has reported a vulnerability in AWS MySQLguest, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/12732/

[SA12730] BugPort Unspecified Attachment Handling Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2004-10-05

Eduardo Correia has reported a vulnerability with an unknown impact in
BugPort.

Full Advisory:
http://secunia.com/advisories/12730/

[SA12721] Real Estate Management Software Unspecified Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2004-10-05

Some unspecified vulnerabilities with unknown impacts have been
reported in Real Estate Management Software.

Full Advisory:
http://secunia.com/advisories/12721/

[SA12720] Online Recruitment Agency Unspecified Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2004-10-05

Some vulnerabilities with an unknown impact have been reported in
Online Recruitment Agency.

Full Advisory:
http://secunia.com/advisories/12720/

[SA12709] yappa-ng Unspecified "Show Random Image" Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2004-10-04

Georg Ragaz has reported a vulnerability with an unknown impact in
yappa-ng.

Full Advisory:
http://secunia.com/advisories/12709/

[SA12708] Mozilla Firefox Download Directory File Deletion
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2004-10-04

Alex Vincent has reported a vulnerability in Mozilla Firefox, which can
be exploited by malicious people to delete files on a user's system.

Full Advisory:
http://secunia.com/advisories/12708/

[SA12704] Silent Storm Portal Cross-Site Scripting and Security Bypass
Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2004-10-01

R00tCr4ck has reported two vulnerabilities in Silent Storm Portal,
which can be exploited by malicious people to conduct cross-site
scripting attacks and bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12704/

[SA12703] IBM Trading Partner Interchange Arbitrary File Access
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-10-05

A vulnerability has been reported in Trading Partner Interchange, which
can be exploited by malicious people to access arbitrary files.

Full Advisory:
http://secunia.com/advisories/12703/

[SA12695] w-Agora Multiple Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2004-10-01

Positive Technologies has reported some vulnerabilities in w-Agora,
which can be exploited by malicious people to conduct SQL injection and
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/12695/

[SA12691] bBlog "p" SQL Injection Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2004-10-01

James McGlinn has reported a vulnerability in bBlog, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/12691/

[SA12733] DB2 Universal Database Multiple Vulnerabilities

Critical: Moderately critical
Where: From local network
Impact: Unknown, Security Bypass, DoS, System access
Released: 2004-10-06

Multiple vulnerabilities have been reported in DB2 Universal Database,
where some of the vulnerabilities can be exploited to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12733/

[SA12740] Invision Power Board Referer Header Cross-Site Scripting
Vulnerability

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-10-06

Alexander Antipov has reported a vulnerability in Invision Power Board,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/12740/

[SA12729] My Blog Unspecified Cross-Site Scripting Vulnerabilities

Critical: Less critical
Where: From remote
Impact: Unknown, Cross Site Scripting
Released: 2004-10-05

Some vulnerabilities have been reported in My Blog, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/12729/

[SA12728] Online-Bookmarks Security Bypass Vulnerability

Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2004-10-05

A vulnerability has been reported in Online-Bookmarks, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12728/

[SA12715] Xerces-C++ XML Parser Denial of Service Vulnerability

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-10-04

Amit Klein has reported a vulnerability in Xerces-C++, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12715/

[SA12693] Macromedia ColdFusion MX Security Bypass Vulnerability

Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2004-10-04

Eric Lackey has reported a vulnerability in ColdFusion MX, which can be
exploited by malicious, authenticated users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/12693/

[SA12692] MediaWiki "raw" Page Output Mode Cross-Site Scripting
Vulnerability

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-10-01

A vulnerability has been reported in MediaWiki, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/12692/

[SA12756] MaxDB Web Agent "Server" Field Denial of Service
Vulnerability

Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-10-07

Patrik Karlsson has reported a vulnerability in MaxDB, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12756/
 
  

