LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-20-2003, 09:22 AM   #1
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,447
Blog Entries: 54

Rep: Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890
LQ weekly security rep - Nov 20th 2003


Slightly delayed...

Nov 17th 2003
25 of 50 issues handled (SF)
1. IBM DB2 Multiple Command-line Format String Vulnerabilities
2. IBM DB2 Multiple Command-Line Argument Buffer Overflow Vulne...
3. TerminatorX Command-line Format String Vulnerability
4. TerminatorX Multiple Command-Line and Environment Buffer Ove...
5. phpBB Profile.PHP SQL Injection Vulnerability
6. WMAPM Privilege Escalation Vulnerability
7. Conquest Unspecified Local Environment Variable Buffer Overf...
10. Epic CTCP Nickname Server Message Buffer Overrun Vulnerabili...
12. Bugzilla Javascript Buglists Remote Information Disclosure V...
13. Winace UnAce Command Line Argument Buffer Overflow Vulnerabi...
14. PureFTPd displayrate() Remote Denial of Service Vulnerabilit...
15. nCube Server Manager Directory Traversal Vulnerability
16. Hylafax HFaxD Unspecified Format String Vulnerability
17. Symbol Technologies PDT 8100 Default WEP Keys Configuration ...
27. Omega-RPG Environment Variable Buffer Overrun Vulnerability
29. PHP-Coolfile Unauthorized Administrative Access Vulnerabilit...
30. Opera Multiple MIME Type File Dropping Weakness
32. Opera Web Browser Opera: URI Handler Directory Traversal Vul...
35. Multiple Vendor Bluetooth Device Unspecified Information Dis...
38. Spoofed Kernel Netlink Interface Message Denial of Service V...
40. GNU Zebra / Quagga Remote Denial of Service Vulnerability
41. Clam AntiVirus E-mail Address Logging Format String Vulnerab...
42. Nokia Bluetooth Device Unauthorized Access Vulnerability
44. Multiple BEA WebLogic Server/Express Denial of Service and I...
50. OpenSSH PAM Conversation Memory Scrubbing Weakness

Nov 17th 2003
25 of 51 issues handled (ISS)
HylaFAX format string attack
Overkill $HOME environment variable buffer overflow
Bugzilla Web feature could allow an attacker to
UnAce invalid file name request buffer overflow
omega-rpg buffer overflow
wmapm system call privilege escalation
PDT 8100 Series allows access using default WiFI
PHP-Coolfile action.php script allows unauthorized
tsworks attachment buffer overflow
Opera "dot dot" directory traversal
Opera MIME types automatic file download
Sun Cobalt RaQ information disclosure
Clam AntiVirus "Mail From:" field format string
MyServer GET resource name buffer overflow
Gaim g_get_user_name function could disclose
WebLogic proxy plug-in causes denial of service
BEA WebLogic Server and Express using the T3S
BEA WebLogic malicious data causes denial of
BEA WebLogic foreign Java Messaging Service
Multiple vendor programs Netlink interface spoofed
BEA WebLogic MBeanHome allows attacker to obtain
Zebra telnet management service denial of service
Sun JRE/SDK ServerSocket.accept could allow
PHPlist PHP file include
minimalist command execution
AutoIndex PHP Script ?dir cross-site scripting

Nov 14th 2003
14 out of 19 issues in 5 distro's.(LAW)
conquest
cups
epic4
ethereal
fileutils/coreutils
glibc
hylafax
mpg123
net-snmp
omega-rpg
postgresql
thhtpd
xinetd
zebra
 
Old 11-20-2003, 09:24 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,447
Blog Entries: 54

Original Poster
Rep: Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890
Nov 14th 2003 (LAW)

Linux Advisory Watch
Distribution: Conectiva

11/7/2003 - thhtpd
Multiple vulnerabilities
Multiple vulnerabilities including sensitive file disclosure,
cross-site scription, and directory traversal vulnerabilities have
been fixed.
http://www.linuxsecurity.com/advisor...sory-3765.html

11/7/2003 - net-snmp
Multiple vulnerabilities
"net-snmp" version 5.0.9 was released to address a security
vulnerability in previous 5.0.x versions where an existing
user/community could get access to data in MIB objects that were
explicitly excluded from their view.
http://www.linuxsecurity.com/advisor...sory-3766.html

11/7/2003 - cups
DoS Vulnerability
It has been reported that the IPP daemon from the Cups package can
under some circumstances enter a loop and consume excessive CPU
resources, causing the service to become slow and unresponsive.
http://www.linuxsecurity.com/advisor...sory-3767.html

11/7/2003 - ethereal
Multiple vulnerabilities
This update announcement addresses several vulnerabilities[2] in
ethereal versions prior to 0.9.16. These vulnerabilities can be
exploited by an attacker who can insert crafted packets in the wire
being monitored by ethereal or make an user open a trace file with
such packets inside.
http://www.linuxsecurity.com/advisor...sory-3770.html

11/12/2003 - mpg123
Buffer overflow vulnerability
When used to play mp3 audio streams over the network, audio servers
can exploit this vulnerability by sending a carefully crafted response
to the client which will overflow a buffer on the heap and execute
arbitrary code.
http://www.linuxsecurity.com/advisor...sory-3778.html

11/12/2003 - xinetd
Multiple vulnerabilities
A memory leak and several other problems have been fixed in the latest
version of xinetd.
http://www.linuxsecurity.com/advisor...sory-3779.html

11/12/2003 - hylafax
Format string vulnerability
This vulnerability can be exploited by a remote attacker to execute
arbitrary code with the privileges of the root user in the host where
hfaxd is running.
http://www.linuxsecurity.com/advisor...sory-3780.html

11/13/2003 - postgresql
Multiple buffer overflow vulnerabilities
Multiple buffer overflow vulnerabilities in the to_ascii() function
have been fixed.
http://www.linuxsecurity.com/advisor...sory-3781.html


Distribution: Debian

11/7/2003 - postgresql
Remote buffer overflow vulnerability
Tom Lane discovered a buffer overflow in the to_ascii function in
PostgreSQL. This allows remote attackers to execute arbitrary code on
the host running the database.
http://www.linuxsecurity.com/advisor...sory-3771.html

11/10/2003 - conquest
Buffer overflow vulnerability
Steve Kemp discovered a buffer overflow in the environment variable
handling of conquest, a curses based, real-time, multi-player space
warfare game, which could lead a local attacker to gain unauthorised
access to the group conquest.
http://www.linuxsecurity.com/advisor...sory-3772.html

11/10/2003 - epic4
Buffer overflow vulnerability
A malicious server could craft a reply which triggers the client to
allocate a negative amount of memory. This could lead to a denial of
service if the client only crashes, but may also lead to executing of
arbitrary code under the user id of the chatting user.
http://www.linuxsecurity.com/advisor...sory-3773.html

11/11/2003 - omega-rpg buffer overflow vulnerability
Buffer overflow vulnerability
Steve Kemp discovered a buffer overflow in the commandline and
environment variable handling of omega-rpg.
http://www.linuxsecurity.com/advisor...sory-3776.html

Distribution: Mandrake

11/11/2003 - hylafax
buffer overflow vulnerability
The SuSE Security Team discovered a format bug condition that allows
remote attackers to execute arbitrary code as the root user.
http://www.linuxsecurity.com/advisor...sory-3777.html

11/12/2003 - fileutils/coreutils Denial of service vulnerability
buffer overflow vulnerability
A memory starvation denial of service vulnerability in the ls program
was discovered.
http://www.linuxsecurity.com/advisor...sory-3783.html


Distribution: Red Hat

11/10/2003 - ethereal
Buffer overflow vulnerability
Updated Ethereal packages that fix a number of exploitable security
issues are now available.
http://www.linuxsecurity.com/advisor...sory-3775.html

11/12/2003 - glibc
Multiple vulnerabilities
Updated glibc packages that resolve vulnerabilities and address
several bugs are now available.
http://www.linuxsecurity.com/advisor...sory-3784.html

11/12/2003 - PostgreSQL
Buffer overflow vulnerability
Updated PostgreSQL packages that correct a buffer overflow in the
to_ascii routines are now available.
http://www.linuxsecurity.com/advisor...sory-3785.html

11/12/2003 - zebra
Multiple vulnerabilities
Updated zebra packages that close a locally-exploitable and a
remotely-exploitable denial of service vulnerability are now
available.
http://www.linuxsecurity.com/advisor...sory-3786.html


Distribution: SuSE

11/10/2003 - hylafax
Remote code execution vulnerability
The SuSE Security Team found a format bug condition during a code
review of the hfaxd server. It allows remote attackers to execute
arbitrary code as root. However, the bug can not be triggered in
hylafax' default configuration.
http://www.linuxsecurity.com/advisor...sory-3774.html
 
Old 11-20-2003, 09:25 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,447
Blog Entries: 54

Original Poster
Rep: Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890
Nov 17th 2003 (ISS)

Internet Security Systems


Date Reported: 11/10/2003
Brief Description: HylaFAX format string attack
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 3.0, HylaFAX 4.1.7, Mandrake Linux
9.0, Mandrake Linux 9.1, Mandrake Linux 9.2,
Mandrake Linux Corporate Server 2.1, SuSE Linux
7.3, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
8.2, SuSE Linux 9.0, SuSE Linux Standard Server 8,
SuSE Linux Desktop 1.0, SuSE Linux Enterprise
Server 7, SuSE Linux Office Server Any version
Vulnerability: hylafax-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/13642

Date Reported: 11/09/2003
Brief Description: Overkill $HOME environment variable buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, OS/2 Any version, Overkill 0.16,
Windows Any version
Vulnerability: overkill-home-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13646

Date Reported: 11/10/2003
Brief Description: Bugzilla Web feature could allow an attacker to
obtain information
Risk Factor: Medium
Attack Type: Network Based
Platforms: Bugzilla 2.17.5, Linux Any version, Unix Any
version, Windows Any version
Vulnerability: bugzilla-feature-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13650

Date Reported: 11/09/2003
Brief Description: UnAce invalid file name request buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux Any version, UnAce 2.2
Vulnerability: unace-invalid-file-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13653

Date Reported: 11/11/2003
Brief Description: omega-rpg buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 3.0, omega-rpg prior to 0.90-pa9-7
Vulnerability: omega-rpg-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13654

Date Reported: 11/11/2003
Brief Description: wmapm system call privilege escalation
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, wmapm 3.1
Vulnerability: wmapm-system-privilege-escalation
X-Force URL: http://xforce.iss.net/xforce/xfdb/13655

Date Reported: 11/10/2003
Brief Description: PDT 8100 Series allows access using default WiFI
keys and shared secret
Risk Factor: High
Attack Type: Host Based
Platforms: Palm OS Home, Pocket PC Any version, Windows CE
Vulnerability: pdt8100series-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13656

Date Reported: 11/11/2003
Brief Description: PHP-Coolfile action.php script allows unauthorized
administrative access
Risk Factor: Medium
Attack Type: Network Based
Platforms: PHP-Coolfile 1.4, Unix Any version
Vulnerability: phpcoolfile-action-admin-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13683

Date Reported: 11/11/2003
Brief Description: tsworks attachment buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: tsworks 3.0, Windows Any version
Vulnerability: tsworks-attachment-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13728

Date Reported: 11/12/2003
Brief Description: Opera "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Opera 7.21 and earlier, Windows
Any version
Vulnerability: opera-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/13738

Date Reported: 11/12/2003
Brief Description: Opera MIME types automatic file download
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Opera 7.21 and earlier, Windows
Any version
Vulnerability: opera-mime-file-download
X-Force URL: http://xforce.iss.net/xforce/xfdb/13739

Date Reported: 11/11/2003
Brief Description: Sun Cobalt RaQ information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Cobalt RaQ 550
Vulnerability: colbalt-raq-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13740

Date Reported: 11/11/2003
Brief Description: Clam AntiVirus "Mail From:" field format string
attack
Risk Factor: High
Attack Type: Network Based
Platforms: Clam AntiVirus 0.60 through 0.60p, Linux Any
version, Unix Any version
Vulnerability: clam-antivirus-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/13741

Date Reported: 11/12/2003
Brief Description: MyServer GET resource name buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MyServer 0.5, Windows Any
version
Vulnerability: myserver-get-resource-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13743

Date Reported: 11/10/2003
Brief Description: Gaim g_get_user_name function could disclose
username
Risk Factor: Medium
Attack Type: Network Based
Platforms: Gaim 0.72, Linux Any version, Windows Any version
Vulnerability: gaim-ggetusername-username-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/13744

Date Reported: 11/13/2003
Brief Description: WebLogic proxy plug-in causes denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
for Intel Pentium, Solaris 2.6, Solaris 2.7,
Solaris 8, WebLogic Server and Express 6.1,
WebLogic Server and Express 7.0, WebLogic Server
and Express 8.1, Windows 2000 Any version, Windows
2000 Professional, Windows NT 4.0, Windows XP Any
version
Vulnerability: weblogic-proxy-plugin-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13745

Date Reported: 11/13/2003
Brief Description: BEA WebLogic Server and Express using the T3S
protocol allows network monitoring to obtain
information
Risk Factor: Medium
Attack Type: Network Based
Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
for Intel Pentium, Solaris 2.6, Solaris 2.7,
Solaris 8, WebLogic Server and Express 7.0,
WebLogic Server and Express 7.0.0.1, WebLogic
Server and Express 8.1, Windows 2000 Any version,
Windows 2000 Professional, Windows NT 4.0, Windows
XP Any version
Vulnerability: weblogic-t3s-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13747

Date Reported: 11/11/2003
Brief Description: Caldera UnixWare and OpenUnix procfs descriptors
allows attacker to gain privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Caldera OpenUnix 8.0.0, Caldera UnixWare 7.1.1,
Caldera UnixWare 7.1.3
Vulnerability: unixware-procfs-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13748

Date Reported: 11/13/2003
Brief Description: BEA WebLogic malicious data causes denial of
service of Node Manager
Risk Factor: Low
Attack Type: Network Based
Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
for Intel Pentium, Solaris 2.6, Solaris 2.7,
Solaris 8, WebLogic Server and Express 6.1,
WebLogic Server and Express 7.0, WebLogic Server
and Express 7.0.0.1, WebLogic Server and Express
8.1, Windows 2000 Any version, Windows 2000
Professional, Windows NT 4.0, Windows XP Any
version
Vulnerability: weblogic-node-manager-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13749

Date Reported: 11/13/2003
Brief Description: BEA WebLogic foreign Java Messaging Service
provider password is stored in plain text
Risk Factor: Medium
Attack Type: Network Based
Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
for Intel Pentium, Solaris 2.6, Solaris 2.7,
Solaris 8, WebLogic Server and Express 8.1, Windows
2000 Any version, Windows 2000 Professional,
Windows NT 4.0, Windows XP Any version
Vulnerability: weblogic-foreignjms-plaintext-password
X-Force URL: http://xforce.iss.net/xforce/xfdb/13750

Date Reported: 11/12/2003
Brief Description: Multiple vendor programs Netlink interface spoofed
message denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Red Hat Advanced Workstation 2.1, Red Hat
Enterprise Linux 2.1AS, Red Hat Enterprise Linux
2.1ES, Red Hat Enterprise Linux 2.1WS, Red Hat
Enterprise Linux 3AS, Red Hat Enterprise Linux 3ES,
Red Hat Enterprise Linux 3WS, Red Hat Linux 7.1,
Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat Linux
8.0, Red Hat Linux 9
Vulnerability: netlink-interface-spoofed-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13751

Date Reported: 11/13/2003
Brief Description: BEA WebLogic MBeanHome allows attacker to obtain
configuration information
Risk Factor: Medium
Attack Type: Network Based
Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
for Intel Pentium, Solaris 2.6, Solaris 2.7,
Solaris 8, WebLogic Server and Express 6.1,
WebLogic Server and Express 7.0, WebLogic Server
and Express 8.1, Windows 2000 Any version, Windows
2000 Professional, Windows NT 4.0, Windows XP Any
version
Vulnerability: weblogic-mbeanhome-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13752

Date Reported: 11/13/2003
Brief Description: Zebra telnet management service denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Quagga prior to 0.96.4, Red Hat Linux 7.2, Red Hat
Linux 7.3, Red Hat Linux 8.0, Red Hat Linux 9,
Zebra Any version
Vulnerability: zebra-telnet-mngmt-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13758

Date Reported: 11/11/2003
Brief Description: Sun JRE/SDK ServerSocket.accept could allow
untrusted Applet to accept connections
Risk Factor: Medium
Attack Type: Network Based
Platforms: Sun JDK 1.1.x, Sun JRE 1.1.x
Vulnerability: sun-serverSocketaccept-accept-connection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13760

Date Reported: 11/14/2003
Brief Description: PHPlist PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any application Any version, PHPlist 2.6.2 and
earlier
Vulnerability: phplist-php-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13761

Date Reported: 11/17/2003
Brief Description: minimalist command execution
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 3.0, minimalist prior to 2.4-1
Vulnerability: minimalist-command-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/13762

Date Reported: 11/16/2003
Brief Description: AutoIndex PHP Script ?dir cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any application Any version, AutoIndex PHP Script
1.2.3
Vulnerability: autoindex-dir-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13763
 
Old 11-20-2003, 09:26 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,447
Blog Entries: 54

Original Poster
Rep: Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890
Nov 17th 2003 (SF) pt. 1/2

SecurityFocus


1. IBM DB2 Multiple Command-line Format String Vulnerabilities
BugTraq ID: 8989
Remote: No
Date Published: Nov 07 2003
Relevant URL: http://www.securityfocus.com/bid/8989
Summary:
DB2 is the database implementation maintained and distributed by IBM. It
is available for the UNIX, Linux, and Microsoft Windows platforms. The
db2govd, db2start, and db2stop database components are typically installed
setuid.
Multiple format string vulnerabilities have been discovered within the IBM
DB2 database specifically within the aforementioned components. The
problems occur due to erroneous usage of format-based functions and could
potentially allow an attacker to gain elevated privileges on a local
system.
The db2start and db2stop binaries are both prone to a format string bug
when handling a basic command-line argument, for example "./dbstart %x".
The db2govd binary is prone to the condition when handling parameters
passed as part of the 'validate garbage' and 'stop' options.
An attacker could potentially exploit one of these conditions by passing
specially calculated format string sequences to a target program. When
handled, the program may be controlled in such a way that arbitrary code
may be executed. All instructions executed would be run with the
privileges of the owner of the specific binary.

2. IBM DB2 Multiple Command-Line Argument Buffer Overflow Vulne...
BugTraq ID: 8990
Remote: No
Date Published: Nov 07 2003
Relevant URL: http://www.securityfocus.com/bid/8990
Summary:
DB2 is the database implementation maintained and distributed by IBM. It
is available for the UNIX, Linux, and Microsoft Windows platforms. The
db2govd, db2start, and db2stop database components are typically installed
setuid/setgid.
IBM DB2 has been reported to be prone to multiple buffer overflow
vulnerabilities that present themselves in binaries that are shipped with
DB2. The vulnerabilities are likely caused due to a lack of sufficient
boundary checks performed on user-supplied command-line arguments before
they are copied into a reserved buffer in memory. By supplying data that
exceeds the size of the reserved memory buffer used to store command line
arguments, a local attacker may overflow the bounds of the affected buffer
and corrupt adjacent memory. Because this memory contains values that are
crucial to controlling program execution flow, the attacker may influence
the execution flow of the vulnerable binary into attacker-controlled
memory.
It has been reported that arguments between 65 and 9901 bytes in size may
trigger this issue in the respective vulnerable executables. Ultimately
this may lead to the execution of arbitrary attacker-supplied instructions
with elevated privileges.
Although this issue has been reported to affect IBM DB2 versions v7 and v8
other versions may also be affected.

3. TerminatorX Command-line Format String Vulnerability
BugTraq ID: 8992
Remote: No
Date Published: Nov 07 2003
Relevant URL: http://www.securityfocus.com/bid/8992
Summary:
TerminatorX is a freely available, open source music manipulation program.
It is available for the Linux platform.
It has been reported that TerminatorX may be prone to a format string
vulnerability when handling command-line parameters. Specifically, due to
the erroneous usage of a format-based function, it is possible to have
format specifiers passed as the '-f' file argument interpreted by the
program.
As a result, an attacker may be capable of exploiting the application in a
way to execute arbitrary code with elevated privileges. It should be noted
that TerminatorX is not installed setuid by default, however the author
recommends that users make the application setuid root.

4. TerminatorX Multiple Command-Line and Environment Buffer Ove...
BugTraq ID: 8993
Remote: No
Date Published: Nov 07 2003
Relevant URL: http://www.securityfocus.com/bid/8993
Summary:
terminatorX is a freely available, open source music manipulation program.
It is available for the Linux platform.
It has been reported that TerminatorX may be prone to multiple
vulnerabilities when handling command-line and environment variable data.
The problem specifically occurs due to insufficient bounds checking when
handling the LADSPA_PATH environment variable and the '-f' and '-r'
command-line parameters.
As a result, an attacker may be capable of exploiting the application in a
variety ways to execute arbitrary code with elevated privileges. It should
be noted that TerminatorX is not installed setuid by default, however the
author recommends that users make the application setuid root.

5. phpBB Profile.PHP SQL Injection Vulnerability
BugTraq ID: 8994
Remote: Yes
Date Published: Nov 08 2003
Relevant URL: http://www.securityfocus.com/bid/8994
Summary:
phpBB is an open-source web forum application that is written in PHP and
supported by a number of database products. It will run on most Unix and
Linux variants, as well as Microsoft Windows operating systems.
A SQL injection vulnerability has been reported for phpBB systems.
phpBB, in some cases, does not sufficiently sanitize user-supplied input,
which is used when constructing SQL queries to execute on the underlying
database. As a result, it is possible to manipulate SQL queries. This may
allow a remote attacker to modify query logic or potentially corrupt the
database.
This vulnerability was reported to exist in the profile.php script file. A
remote attacker can exploit this vulnerability by manipulating the $u URI
parameter to modify SQL query logic.
SQL injection attacks may also potentially be used to exploit latent
vulnerabilities in the underlying database implementation.
It should be noted that although this vulnerability has been reported to
affect phpBB version 2.0.5 and prior, it may also affect version 2.0.6.

6. WMAPM Privilege Escalation Vulnerability
BugTraq ID: 8995
Remote: No
Date Published: Nov 08 2003
Relevant URL: http://www.securityfocus.com/bid/8995
Summary:
wmapm is a Window Maker Dock App that is used as a battery power status
monitor for laptops.
wmapm has been reported prone to a local privilege escalation
vulnerability. The vulnerability has been conjectured to result from a
lack of relative path use while the vulnerable dock app is calling the
'apm' binary. As a result of this, a local attacker may manipulate local
path settings and have the setuid wmapm dock app erroneously invoke a
trojan binary that is located in a directory that the attacker has
permissions to write to.
The code contained in the invoked binary will be executed with the
privileges of the vulnerable wmapm app; this may ultimately result in
elevating the privileges of the attacker.
It has been reported that wmapm is setUID operator in FreeBSD if it is
compiled via the ports collection, alternatively if wmapm is compiled from
source on FreeBSD or Linux it is reportedly setUID root.
It should be noted that although this issue has been reported to affect
wmapm version 3.1, previous versions might also be affected.

7. Conquest Unspecified Local Environment Variable Buffer Overf...
BugTraq ID: 8996
Remote: No
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/8996
Summary:
conquest is a simple curses based strategy game developed for unix based
operating systems. It has been reported that on the Debian Linux
distribution, the conquest binary is setgid conquest.
A local buffer overrun vulnerability has been reported for conquest. The
problem occurs due to insufficient bounds checking when parsing
unspecified data contained in the user's environment. As a result, an
attacker may be capable of controlling the execution flow of the conquest
program and effectively executing arbitrary code with elevated privileges.
Exploiting this condition may allow an attacker to gain group 'conquest'
privileges that could be used to modify sensitive information or could be
used to leverage attacks against other previously inaccessible utilities.

10. Epic CTCP Nickname Server Message Buffer Overrun Vulnerabili...
BugTraq ID: 8999
Remote: Yes
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/8999
Summary:
Epic is a freely available IRC client for Unix and Linux variants.
A remotely exploitable buffer overrun has been reported in Epic. This
issue may reportedly be exploited by a malicious server that supplies an
overly long nickname in a CTCP message. It may be also be possible for a
malicious client to send such a message, but it is likely that the server
will limit the length.
Reportedly if a nickname of over 512 bytes is supplied in such a message,
the client may attempt to call alloca() with a negative number, which
could potentially result in corruption of stack memory. In this manner,
it may be possible for a malicious IRC server to trigger this condition to
execute arbitrary code on the client system in the context of the client
user.

12. Bugzilla Javascript Buglists Remote Information Disclosure V...
BugTraq ID: 9001
Remote: Yes
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/9001
Summary:
Bugzilla is a freely available, open source bug tracking system. It is
available for the Unix, Linux, and Microsoft Windows platforms.
A problem exists in the handling of buglists by Bugzilla when the lists
are implemented with Javascript. Because of this, a remote user may be
able to gain unauthorized access to sensitive information.
The problem is in the storage of information when placed in Javascript
arrays. It is possible for a remote user to create a buglink in their
page that correctly reflects information about a bug, including details
which may be restricted from the public due to sensitivity of information.
This may result in unauthorized disclosure of information.
This problem has also been reported to affect bookmarklets. The issue is
known to affect verion 2.7.15 only.

13. Winace UnAce Command Line Argument Buffer Overflow Vulnerabi...
BugTraq ID: 9002
Remote: Yes
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/9002
Summary:
Winace is a file compression/decompression tool that was originally
developed for Microsoft Windows platforms. Winace was ported to Linux
platforms as UnAce.
UnAce has been reported to be prone to a buffer overflow vulnerability.
The issue presents itself when UnAce handles ace filenames that are
greater than 610 bytes in length including the ace file extension. When
this filename is passed to the UnAce utility as an argument for the 'e'
(extract command line switch), the string is copied into a reserved buffer
in memory. Data that exceeds the size of the reserved buffer will overflow
its bounds and will trample any saved data that is adjacent to the
affected buffer. Because variable that are crucial to controlling program
execution flow for UnAce are conjectured to be stored adjacent to the
affected buffer, an attacker may corrupt these values and influence UnAce
program execution flow into attacker controlled memory. Ultimately this
may lead to the execution of arbitrary instructions in the context of the
user who is running UnAce.
If UnAce is associated with a specific file type in for example an
Internet browser, clicking on a malicious ace filename may be sufficient
to result in the execution of arbitrary instructions on an affected host.

14. PureFTPd displayrate() Remote Denial of Service Vulnerabilit...
BugTraq ID: 9003
Remote: Yes
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/9003
Summary:
PureFTPd is an FTP server based on Troll-FTPd and designed with a focus on
security. It is available for the BSD and Linux operating systems.
A denial of service vulnerability has been discovered in PureFTPd. The
problem occurs within the displayrate() function. When data returned from
the realpath() function is subsequently tested for a specific value, it
may be possible to trigger a procedure, which will ultimately cause
PureFTPd to crash.
Specifically, the realpath() function is passed two variables, name and
resolved_path. The resolved name is stored in resolved_path, which is then
tested for a zero byte as shown below:
if (resolved_path[sizeof_resolved_path - 1U] != 0)
If this condition is met, PureFTPd will enter an infinite for loop,
continuously writing a zero value to a pointer incremented each iteration.
This will ultimately result in an attempt to write to unpaged memory,
effectively triggering a segmentation violation and thus a denial of
service.
It should be noted that PureFTPd will typically fork a new process for
each new connection to the FTP service, specifically when running as a
standalone server, however it has not been confirmed whether this is
always the case.
If forking children is the only behavior under all configurations, this
condition may not have any implications beyond closing the session of a
malicious user. This BID will be updated, as further details regarding
this information are made available.
*** November 10, 2003 - The vendor has confirmed that the condition occurs
only within the individual session under which the condition occurs.
Furthermore, additonal details made available by the vendor state that
realpath() is designed in such a way that only a specific amount of data
can be filled. As such, the aforementioned test will always always fail.
As a result of this new information, this BID will subsequently be
retired.

15. nCube Server Manager Directory Traversal Vulnerability
BugTraq ID: 9004
Remote: Yes
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/9004
Summary:
nCUBE Server Manager has been reported prone to a directory traversal
vulnerability. The issue presents itself likely due to a lack of
sufficient sanitization performed on user-supplied URI parameters. A
remote attacker may exploit this condition by supplying directory
traversal sequences as a value for the 'files' URI parameter passed to the
Server Manager 'nph-showlogs.pl' script. Ultimately this may allow the
attacker to break out of the webserver root and view arbitrary directory
listings and potentially arbitrary files on the vulnerable system.
An attacker may employ data harvested in this manner to aid in further
attacks launched against the target system.
It should be noted that although this issue has been reported to affect
nCUBE Server Manager version 1.0, other versions might also be affected.

16. Hylafax HFaxD Unspecified Format String Vulnerability
BugTraq ID: 9005
Remote: Yes
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/9005
Summary:
Hylafax is a software package designed to handle the transmission of
Faxes.
Hylafax hfaxd (daemon) has been reported prone to an unspecified format
string vulnerability that may be exploited under non-standard
configurations to execute arbitrary instructions remotely as the root
user.
It has been conjectured that a remote attacker may design a string that
contains specially crafted format string specifiers, the attacker may then
transmit this string to the hfaxd server in a manner sufficient to trigger
the condition. The malicious format specifiers contained in this string
will be interpreted literally by the affected server; this may result in
arbitrary memory corruption and ultimately in the execution of arbitrary
attacker-supplied instructions in the context of the affected server.
This BID will be updated if and when explicit information regarding this
vulnerability is published.

17. Symbol Technologies PDT 8100 Default WEP Keys Configuration ...
BugTraq ID: 9006
Remote: No
Date Published: Nov 10 2003
Relevant URL: http://www.securityfocus.com/bid/9006
Summary:
The PDT 8100 is a wireless access point solution distributed and
maintained by Symbol Technologies.
A problem has been identified in the default configuration of the Symbol
Technologies PDT 8100. Because of this, a local user may be able to gain
unauthorized access to network resources.
The problem is in the handling of WEP keys. When a PDT 8100 is configured
the party configuring the device is not prompted to change the default WEP
keys configuration. If this configuration is not changed, a user of the
device may access the WEP keys in plain text on the device.
The 8146-T2B940US model is known to be affected by this issue. Other
models may also be affected.

27. Omega-RPG Environment Variable Buffer Overrun Vulnerability
BugTraq ID: 9016
Remote: No
Date Published: Nov 11 2003
Relevant URL: http://www.securityfocus.com/bid/9016
Summary:
omega-rpg is a game for Linux/Unix variants.
omega-rpg is prone to a locally exploitable buffer overrun. This is due
to insufficient bounds checking of environment variables, which will be
copied into an internal buffer. By supplying an environment variable of
excessive length, it is possible to corrupt memory with attacker-supplied
values, potentially allowing the attacker to control execution flow of the
program and execute arbitrary code. omega-rpg may be installed setgid,
which could allow for execution of arbitrary code in the context of group
'games' if this issue were successfully exploited.

29. PHP-Coolfile Unauthorized Administrative Access Vulnerabilit...
BugTraq ID: 9018
Remote: Yes
Date Published: Nov 11 2003
Relevant URL: http://www.securityfocus.com/bid/9018
Summary:
PHP-Coolfile is a website manager application implemented in PHP. It
allows users to manage files on a website.
PHP-Coolfile allows unprivileged users to gain access to the
administrative username and software for the site.
This is due to a coding error in the way the action.php file evaluates
access permission. Because of this error, any user can use the 'edit'
action in action.php to view the contents of the config.php file which
contains the administrator username and password.

30. Opera Multiple MIME Type File Dropping Weakness
BugTraq ID: 9019
Remote: Yes
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9019
Summary:
Opera includes support for multiple MIME types used for configuration and
installation of browser skins that potentially could be abused by a
malicious web page to drop files onto a client system in a predictable
location. The following is a list of MIME types that may be abused in
this manner, and the location that files will be dropped (in a default
installation of the browser):
"application/x-opera-skin" - File is dropped into C:\Program
Files\Opera7\profile\Skin
"application/x-opera-configuration-skin" - File is dropped into C:\Program
Files\Opera7\profile\skin.
"application/x-opera-configuration-keyboard" - File is dropped into
C:\Program Files\Opera7\profile\keyboard.
"application/x-opera-configuration-mouse" - File is dropped into
C:\Program Files\Opera7\profile\mouse.
"application/x-opera-configuration-menu" - File is dropped into C:\Program
Files\Opera7\profile\menu.
"application/x-opera-configuration-toolbar - File is dropped into
C:\Program Files\Opera7\profile\toolbar.
Through exploitation of another reported vulnerability (BID 9021), further
attacks may result, such as execution of script code or information
disclosure.

32. Opera Web Browser Opera: URI Handler Directory Traversal Vul...
BugTraq ID: 9021
Remote: Yes
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9021
Summary:
Opera is a web browser available for a number of platforms, including
Microsoft Windows, Linux and Unix variants and Apple MacOS.
Opera uses an internal URI handler called 'Opera:' or 'about:' to display
help files and other documentation. Common uses for this command include
"opera:history", "opera:plugins", "opera:cache", and "opera:drives". A
vulnerability has been reported to exist in the software that may allow an
attacker to access information outside the intended directories for help
files and documentation. The problem exists due to insufficient
sanitization of user-supplied data through the 'Opera:' URI handler. The
issue may allow an attacker to traverse the client file system by using
'..%5c' or '..%2f' character sequences.
Successful exploitation of this vulnerability may allow an attacker to
gain access to sensitive information that may be used to launch further
attacks against a vulnerable system.
It has been reported that this issue may be exploited with another issue
described in BID 9019 to drop files onto a client system in a predictable
location and cause these files to be executed.
Opera Web Browser versions 7.21 and prior are reported to be prone to this
issue. This issue was reported to exist in Windows versions of the web
browser. It is not known if versions for other platforms are similarly
affected.

35. Multiple Vendor Bluetooth Device Unspecified Information Dis...
BugTraq ID: 9024
Remote: Yes
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9024
Summary:
Bluetooth is a wireless communication protocol which, amongst other
functions, is designed to allow interoperability between devices produced
by different vendors, such as a cellphone and headset.
Under certain configurations Bluetooth devices will allow an anonymous
user to establish a connection and carry out various actions. These modes
are typically called "discoverable" and "visible". It has been reported
that, even when the aforementioned modes have been disabled an anonymous
user may be capable of connecting to a Bluetooth device and accessing
sensitive information stored therein. This could allow an attacker to
expose phone book, calendar, and other sensitive information.
The precise technical details regarding this vulnerability have not yet
been made available. This BID will be updated as further information is
made available.
 
Old 11-20-2003, 09:27 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,447
Blog Entries: 54

Original Poster
Rep: Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890Reputation: 2890
Nov 17th 2003 (SF) pt 2/2

SecurityFocus


38. Spoofed Kernel Netlink Interface Message Denial of Service V...
BugTraq ID: 9027
Remote: No
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9027
Summary:
The Linux kernel includes the use of an optional netlink driver, which
when used creates the netlink device. This device can be used to allow a
channel between the kernel and userland applications for the transfer of
data and other information. This data can be transferred through the use
of netlink datagrams and messages.
The glibc getifaddrs() function is designed to store a linked list of the
local systems network interfaces.
GNU Zebra is an open source implementation of TCP/IP routing software. It
supports BGP-4, RIPv1, RIPv2 and OSPFv2 protocols. Quagga is a routing
software suite which was derived from GNU Zebra.
The Red Hat iproute package contains a variety of IP-based networking
utilities.
Applications which make use of the kernel netlink interface are said to be
prone to denial of service attacks.
It has been reported that applications implementing the use of the
getifaddrs() function may be prone to denial of service conditions. The
problem is said to occur due to the way spoofed netlink messages are
handled by the function. Due to this handling, it is said that a malformed
message transmitted to the process may in fact trigger a denial of
service.
The above condition is confirmed to occur on Red Hat 9 systems, however it
is not currently known if other operating systems or glibc versions are
directly affected.
Red Hat has stated that GNU Zebra, Quagga and iproute are also affected by
this vulnerability due to the way they interact with the netlink
interface; exploitation may result in a denial of service.
It is not currently known whether this condition is a problem within the
kernel netlink interface itself or if each application is implementing the
use of code which fails to properly handle specific netlink events. This
BID will be updated, as further information is made available.

40. GNU Zebra / Quagga Remote Denial of Service Vulnerability
BugTraq ID: 9029
Remote: Yes
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9029
Summary:
GNU Zebra is an open source implementation of TCP/IP routing software. It
supports BGP-4, RIPv1, RIPv2 and OSPFv2 protocols. Quagga is a routing
software suite which was derived from GNU Zebra.
A vulnerability has been reported to be present in the software that may
allow a remote attacker to a cause a denial of service condition in the
software. The issue is reported to occur if an attacker attempts to
connect to the Zebra or Quagga telnet management port while a password is
enabled.
The problem specifically occurs due to an invalid (typically NULL) pointer
dereference. This occurs because the vty layer fails to verify whether a
Telnet sub-negotation is currently in progress prior to handling an end
negotiation marker (SE). This will likely occur if the SE is received at
an unexpected time.
Successful exploitation of this issue may allow an attacker who passes a
malformed Telnet command to the server, to cause the software to behave in
an unstable manner leading to a crash or hang.
All versions of GNU Zebra are said to be vulnerable to this issue. All
versions of Quagga prior to 0.96.4 are also vulnerable.

41. Clam AntiVirus E-mail Address Logging Format String Vulnerab...
BugTraq ID: 9031
Remote: Yes
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9031
Summary:
Clam AntiVirus is an anti-virus product for Linux and Unix derived
operating systems.
Clam AntiVirus is prone to a format string vulnerability when logging
e-mail addresses. This is due to incorrect usage of the syslog() function
to log e-mail addresses. As a result, attackers may supply their own
format specifiers in e-mail addresses. Remote attackers may be required
to craft an e-mail that may generate a loggable event, such as including
an AV test string in the message, to exploit this issue.
This vulnerability may be exploited to overwrite arbitrary locations in
memory with attacker-supplied values, resulting in execution of arbitrary
code. Denial of service attacks are also possible. This will occur in the
context of the clamav user or root, depending on how the software is
invoked.
This issue only affects the clamav-milter component of versions later than
clamav-0.54, which include syslogging functionality.

42. Nokia Bluetooth Device Unauthorized Access Vulnerability
BugTraq ID: 9032
Remote: Yes
Date Published: Nov 12 2003
Relevant URL: http://www.securityfocus.com/bid/9032
Summary:
Bluetooth is a wireless communication protocol, which, amongst other
functions, is designed to allow interoperability between devices produced
by different vendors, such as a cellphone and headset.
The Bluetooth protocol allows for certain devices to be 'paired'. When
this occurs, the two devices form a trust relationship, under which a
trusted device may access the contents of the other. Reportedly, in some
situations this may include the entire memory space of the trusting
device.
A vulnerability has been discovered in two Nokia Bluetooth devices that
could result in unauthorized access from a device that is no longer
trusted. The problem occurs due to the Nokia devices failing to fully
remove trust relationships previously established between devices. Even
when a specific device is no longer listed as a 'paired', it is said that
it may still in fact have trusted access to the vulnerable device.
As a result, a malicious user whose device at one point was 'paired' with
another, could potentially have trusted access without the victim user
knowing. This action would go unnoticed, unless the victim user was
physically monitoring the display on their device. Due to an attacker
potentially having access to the entire memory space of the affected
device, this could lead to the cloning of certain devices.
Attacks such as this may be used by an attacker attempting to steal
another persons identify or other malicious actions.
The Nokia 6310i and 7650 models are said to be affected, however it has
been conjectured that a large number of Bluetooth enabled implementations
may be vulnerable.

44. Multiple BEA WebLogic Server/Express Denial of Service and I...
BugTraq ID: 9034
Remote: Yes
Date Published: Nov 13 2003
Relevant URL: http://www.securityfocus.com/bid/9034
Summary:
BEA Systems has released patches for multiple vulnerabilities in various
versions of BEA WebLogic Server and Express. The following issues were
reported:
Servers implementing the use of the Weblogic proxy plug-in may be prone to
denial of service attacks. The problem is said to occur when an invalid
URL is passed to the plug-in, possibly causing it to crash. If
successfully exploited this would cause any hosted websites to be
unreachable. This issue affects all WebLogic Server and Express 6.1, 7.0
and 8.1 releases.
On WebLogic servers making use of the T3S protocol, under some
circumstances an SSL request over T3 to a non-SSL port may incorrectly
cause a non-SSL session to be established. This may be unexpected
behaviour to the requesting user and may cause a user to incorrectly
believe that the session is in fact encrypted. This could ultimately lead
to the exposure of sensitive information believed to be encrypted. This
issue affects all WebLogic Server and Express 7.0, 7.0.0.1 and 8.1
releases.
When implementing the use of a foreign provider, the password field
(weblogic.management.configuration.ForeignJMSConnectionFactoryMBean) is
stored in plaintext within the console as well as within the local
config.xml file. This could result in a malicious local user revealing the
foreign provider password and possibly gaining unauthorized access. This
issue is said to only affected servers implementing foreign JMS connection
factories. This issue affects all WebLogic Server and Express 8.1
releases.
When malicious data is passed to the WebLogic Node Manager port, the
application may unexpectedly crash. It has been stated by BEA that this
condition may be triggered by using NMAP. This issue affects all WebLogic
Server and Express 6.1, 7.0, 7.0.0.1 and 8.1 releases.
By default, specific MBeanHome server configurations may allow an
anonymous remote user to access sensitive configuration information.
Access to this data could allow an attacker to map specific system
information that could aid in launching future attacks. This issue affects
all WebLogic Server and Express 6.1, 7.0 and 8.1 releases.
These issues will be separated into individual BIDs when further analysis
is completed.

50. OpenSSH PAM Conversation Memory Scrubbing Weakness
BugTraq ID: 9040
Remote: No
Date Published: Nov 13 2003
Relevant URL: http://www.securityfocus.com/bid/9040
Summary:
OpenSSH is a freely available, open source implementation of the Secure
Shell protocol. It is available for the Unix, Linux, and Microsoft
platforms.
An issue has been reported in the OpenSSH implementation of PAM
conversation functions. Applications which use PAM modules for
authentication are required to include conversation routines to manage
communications between the application and the PAM module, providing a
means to prompt users for passwords or provide other functionality which
relies on PAM. When a remote user connects to an OpenSSH server and
prematurely cancels the connection through a function such as Control-C,
OpenSSH does not correctly respond. It has been reported that OpenSSH
ends the session with the pam_end() function rather than returning
PAM_CONV_ERR, which is the correct behavior according to the Linux-PAM
developer documentation. As a result, PAM will not handle the aborted
conversation correctly and subsequently fail to scrub memory. The direct
consequence is that sensitive information in memory is more likely to end
up in swap space or core dumps.
This problem may expose authentication credentials to recovery should an
attacker have sufficient privileges on the system to view core dumps or
system memory. This issue may also expose other vulnerabilities in PAM
modules due to unpredictable behavior that could potentially lead to
stability issues and the compromise of sensitive credentials, information,
or privileges.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LQ weekly security rep - Mon Nov 25th 2002 unSpawn Linux - Security 3 11-29-2002 07:16 PM
LQ weekly security rep - Mon Nov 18th 2002 unSpawn Linux - Security 3 11-25-2002 05:03 AM
LQ weekly security rep - Tue Nov 12th 2002 unSpawn Linux - Security 5 11-17-2002 06:55 AM
LQ weekly security rep - Sun Oct 20th 2002 unSpawn Linux - Security 4 10-27-2002 11:19 AM
LQ weekly security rep - Tue Aug 20th 2002 unSpawn Linux - Security 6 08-24-2002 09:36 AM


All times are GMT -5. The time now is 03:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration