LQ Security Report - February 13th 2005
February 9th 2005
23 issues handled (SF)
1. NCPFS Multiple Remote Vulnerabilities
2. CitrusDB Credit Card Data Remote Information Disclosure Vuln...
3. Xoops Incontent Module Directory Traversal Vulnerability
4. Clam Anti-Virus ClamAV ZIP File Parsing Remote Denial Of Ser...
5. RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerabil...
6. PostgreSQL LOAD Extension Local Privilege Escalation Vulnera...
7. Squid Proxy Oversize HTTP Headers Unspecified Remote Vulnera...
8. SquirrelMail URL Remote Code Execution Vulnerability
9. Newsfetch SScanf Remote Buffer Overflow Vulnerability
10. PostgreSQL Multiple Remote Vulnerabilities
11. Newspost Remote Buffer Overflow Vulnerability
12. Perl SuidPerl Multiple Local Vulnerabilities
13. Squid Proxy squid_ldap_auth Authentication Bypass Vulnerabil...
14. Squid Proxy WCCP recvfrom() Buffer Overflow Vulnerability
15. Squid Proxy Malformed HTTP Header Parsing Cache Poisoning Vu...
16. D-BUS Session Bus Local Privilege Escalation Vulnerability
17. Python SimpleXMLRPCServer Library Module Unauthorized Access...
18. SunShop Shopping Cart Cross-Site Scripting Vulnerability
19. Linux Kernel IPV6_Setsockopt IPV6_PKTOPTIONS Integer Overflo...
20. ht://Dig Unspecified Cross-Site Scripting Vulnerability
21. Postfix IPv6 Unauthorized Mail Relay Vulnerability
22. PowerDNS Unspecified Remote Denial of Service Vulnerability
23. Netgear DG834 ADSL Firewall Router Insecure Configuration Vu...
February 11th 2005
81 issues handled (SN)
Part A
[SA14167] Debian update for php3
[SA14156] Gentoo update for openmotif
[SA14149] SUSE Updates for Multiple Packages
[SA14140] Gentoo update for lesstif
[SA14245] Red Hat update for emacs
[SA14242] Fedora update for mailman
[SA14241] Red Hat update for squirrelmail
[SA14240] Red Hat update for xemacs
[SA14239] Red Hat update for kdelibs/kdebase
[SA14238] Gentoo update for mailman
[SA14229] Mandrake update for enscript
[SA14227] Mandrake update for python
[SA14223] Debian update for mailman
[SA14222] Red Hat update for mailman
[SA14220] HP-UX BIND Unspecified Denial of Service Vulnerability
[SA14215] Debian update for evolution
[SA14212] Ubuntu update for mailman
[SA14211] Mailman "private.py" Directory Traversal Vulnerability
[SA14208] SUSE update for squid
[SA14207] Gentoo update for pdftohtml
[SA14202] Gentoo update for python
[SA14196] Fedora update for emacs
[SA14194] Debian update for emacs20
[SA14191] Debian update for xemacs21
[SA14185] Ubuntu update for squid
[SA14182] Frox Deny ACL Security Bypass Vulnerability
[SA14178] UnixWare update for racoon
[SA14168] Ubuntu update for emacs21-bin-common
[SA14166] OmniWeb IDN Spoofing Security Issue
[SA14164] Safari IDN Spoofing Security Issue
[SA14162] KDE Applications IDN Spoofing Security Issue
[SA14158] Debian update for python2.2
[SA14150] Fedora update for python
[SA14148] GNU Emacs "popmail()" Format String Vulnerability
[SA14137] Ubuntu Postfix IPv6 Relaying Security Issue
[SA14133] Mozilla Application Suite "MSG_UnEscapeSearchUrl()" Buffer Overflow
[SA14129] Ubuntu update for python
[SA14201] Avaya krb5 Two Vulnerabilities
[SA14132] HP CIFS Server Security Descriptor Parsing Integer Overflow
[SA14130] Sun Solaris Samba Integer Overflow Vulnerability
[SA14184] Fedora update for postgresql
Part B
[SA14170] UnixWare / OpenServer TCP Connection Reset Denial of Service
[SA14228] Mandrake update for squid
[SA14157] Debian update for squid
[SA14237] IBM AIX netpmon Privilege Escalation Vulnerability
[SA14231] IBM AIX ipl_varyon Privilege Escalation Vulnerability
[SA14230] Mandrake update for cpio
[SA14226] Mandrake update for mysql
[SA14218] Debian update for xview
[SA14213] XView "xv_parse_one()" Buffer Overflow Vulnerability
[SA14203] Mandrake update for perl
[SA14200] Avaya Various Products Kernel Vulnerabilities
[SA14199] Mandrake update for perl-DBI
[SA14198] IBM AIX auditselect Format String Vulnerability
[SA14188] Mac OS X Finder Insecure File Creation Vulnerability
[SA14186] Red Hat update for perl
[SA14176] SCO OpenServer "enable" Buffer Overflow Vulnerability
[SA14175] UnixWare update for foomatic-rip
[SA14173] IBM AIX chdev Format String Vulnerability
[SA14171] Gentoo update for postgresql
[SA14159] osh "iopen()" Buffer Overflow Vulnerability
[SA14152] Avaya PDS Multiple Privilege Escalation Vulnerabilities
[SA14151] Debian update for postgresql
[SA14139] Debian update for ncpfs
[SA14138] Ubuntu update for cpio
[SA14153] Avaya CMS UDP End Point Handling Denial of Service
[SA14216] F-Secure Multiple Products ARJ Archive Handling Vulnerability
[SA14179] Symantec Multiple Products UPX Parsing Engine Buffer Overflow
[SA14205] MyPHP Forum Multiple SQL Injection Vulnerabilities
[SA14181] xGB Administrative User Authentication Bypass Vulnerability
[SA14165] Netscape IDN Spoofing Security Issue
[SA14163] Mozilla / Firefox / Camino IDN Spoofing Security Issue
[SA14154] Opera IDN Spoofing Security Issue
[SA14143] Chipmunk Forum Multiple SQL Injection Vulnerabilities
[SA14142] CMScore Multiple SQL Injection Vulnerabilities
[SA14141] BXCP "show" Local File Inclusion Vulnerability
[SA14183] BrightStor ARCserve Backup Discovery Service Buffer Overflow
[SA14160] Mozilla / Firefox Three Vulnerabilities
[SA14135] PowerDNS Traffic Handling Denial of Service Vulnerability
[SA14131] Claroline Add Course Script Insertion Vulnerability
[SA14204] Emdros MQL Parser Memory Leak Vulnerabilities

February 11th 2005
23 issues handled across 6 distros
python
squid
php3
emacs
PostgreSQL
xemacs
xview
evolution
mailman
hztty
system-config-printer
hwbrowser
cups
hotplug
xpdf
kdegraphics
gpdf
mod_python
libXpm
Gallery
kdelibs and kdebase
Squirrelmail
kernel
February 9th 2005 (SF)
Security Focus
1. NCPFS Multiple Remote Vulnerabilities
BugTraq ID: 12400
Remote: Yes
Date Published: Jan 31 2005
Relevant URL: http://www.securityfocus.com/bid/12400
Summary: Multiple remote vulnerabilities affect ncpfs. These issues are due to a failure to manage access privileges securely and a failure to validate the length of user-supplied strings prior to copying them into finite process buffers. The first issue is a remote buffer overflow vulnerability. The second issue is an access validation issue due to the setuid privileges of ncpfs utilities. An attacker may leverage these issues to execute arbitrary code with the privileges of the affected application and to access arbitrary files with the escalated privileges.

2. CitrusDB Credit Card Data Remote Information Disclosure Vuln...
BugTraq ID: 12402
Remote: Yes
Date Published: Jan 31 2005
Relevant URL: http://www.securityfocus.com/bid/12402
Summary: A remote information disclosure issue affects CitrusDB. This issue is due to a design problem that grants unauthorized users the ability to export sensitive data. An attacker may leverage this issue to gain access to sensitive information including credit card data.

3. Xoops Incontent Module Directory Traversal Vulnerability
BugTraq ID: 12406
Remote: Yes
Date Published: Jan 28 2005
Relevant URL: http://www.securityfocus.com/bid/12406
Summary: Xoops Incontent module is reported prone to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input. A malicious user could issue a request containing directory traversal strings such as '../' to possibly view files outside the server root directory. Incontent version 3.0 is reported to be susceptible to this vulnerability. Other versions may also be affected.

4. Clam Anti-Virus ClamAV ZIP File Parsing Remote Denial Of Ser...
BugTraq ID: 12408
Remote: Yes
Date Published: Jan 31 2005
Relevant URL: http://www.securityfocus.com/bid/12408
Summary: A remote denial of service vulnerability affects ClamAV. This issue is due to a failure of the application to properly handle malicious file content. An attacker may leverage this issue to crash the Clam Anti-Virus daemon, potentially leaving an affected computer open to infection by malicious code.

5. RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerabil...
BugTraq ID: 12410
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12410
Summary: RealNetworks RealPlayer is reported susceptible to a security zone bypass vulnerability. This issue is due to a failure of the application to properly enforce security zones, potentially allowing remote attackers to execute HTML or script code in the Local Zone of affected client computers. The embedded Internet Explorer engine in RealPlayer reportedly loads attacker-supplied files in the Local Zone, allowing attackers to execute malicious HTML and script code with potentially elevated privileges. This issue may be a variant, or be related to BIDs 10973, or 11466. It is unclear at this time if a further vulnerability has been discovered by this disclosure. This BID will be updated as further analysis is completed.

6. PostgreSQL LOAD Extension Local Privilege Escalation Vulnera...
BugTraq ID: 12411
Remote: No
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12411
Summary: A local privilege escalation vulnerability affects PostgreSQL. This issue is due to a failure of the application to restrict critical functionality to privileged users. An attacker may leverage this issue to execute arbitrary code with the privileges of the affected database, potentially facilitating privilege escalation.

7. Squid Proxy Oversize HTTP Headers Unspecified Remote Vulnera...
BugTraq ID: 12412
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12412
Summary: A remote unspecified vulnerability reportedly affects Squid Proxy. This issue is due to a failure of the application to properly handle malformed HTTP headers. The impact of this issue is currently unknown. This BID will be updated when more information becomes available.

8. SquirrelMail URL Remote Code Execution Vulnerability
BugTraq ID: 12413
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12413
Summary: A remote code execution vulnerability affects SquirrelMail. Although unconfirmed, it is likely that this issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in functionality designed to carry out critical actions. An attacker may leverage this issue to execute arbitrary code with the privileges of the 'www-data' user; this may facilitate privilege escalation and system compromise.

9. Newsfetch SScanf Remote Buffer Overflow Vulnerability
BugTraq ID: 12414
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12414
Summary: Newsfetch makes several insecure sscanf calls that could potentially result in a buffer overflow. This is a result of insufficient bounds checking when sscanf stores data in an internal buffer.

10. PostgreSQL Multiple Remote Vulnerabilities
BugTraq ID: 12417
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12417
Summary: Multiple remote vulnerabilities affect PostgreSQL. These issues are due to design errors, buffer mismanagement errors, and issues that are currently unspecified. The first issue is a failure of the application to ensure function permissions are enforced. The second issue is a buffer overflow triggered when cursor declaration occurs. The final vulnerability is an unspecified security issue that exists in 'contrib/intagg'.
The information currently available is not sufficient to provide a more in-depth technical description. This BID will be updated with the release of further details. An attacker may leverage these issues to execute arbitrary code with the privileges of the vulnerable database process and to execute functions without requiring permission. Other attacks are also possible.

11. Newspost Remote Buffer Overflow Vulnerability
BugTraq ID: 12418
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12418
Summary: Newspost is prone to a remote buffer overflow vulnerability due to an unbounded memory copy operation. The problem occurs in the 'socket_getline()' function of 'socket.c' when the vulnerable client handles NNTP server responses. Successful exploitation of this issue could potentially lead to arbitrary code execution. This issue was reported to affect Newspost 2.1.1 and prior, however, other versions may be vulnerable.

12. Perl SuidPerl Multiple Local Vulnerabilities
BugTraq ID: 12426
Remote: No
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12426
Summary: SuidPerl is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that the 'PERLIO_DEBUG' SuidPerl environment variable may be employed to corrupt arbitrary files. A local unprivileged attacker may exploit this vulnerability to corrupt arbitrary files with superuser privileges. This may ultimately lead to a denial of service for legitimate users or privilege escalation. SuidPerl is reported prone to a local buffer overflow vulnerability as well. This buffer overflow vulnerability may be exploited by a local attacker to gain superuser privileges. This issue is also exploited through the 'PERLIO_DEBUG' variable.

13. Squid Proxy squid_ldap_auth Authentication Bypass Vulnerabil...
BugTraq ID: 12431
Remote: Yes
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12431
Summary: Squid Proxy is reported prone to an authentication bypass vulnerability. This issue seems to result from insufficient input validation. It is reported that the 'squid_ldap_auth' module is affected by this issue. A remote attacker may gain unauthorized access or gain elevated privileges from bypassing access controls. Squid versions 2.5 and earlier are reported prone to this vulnerability.

14. Squid Proxy WCCP recvfrom() Buffer Overflow Vulnerability
BugTraq ID: 12432
Remote: Yes
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12432
Summary: The Squid proxy server is vulnerable to a remotely exploitable buffer overflow vulnerability. The vulnerability is in its implementation of WCCP (web cache communication protocol), a UDP based web cache management protocol. The condition is triggered when it reads a packet from the network that is larger than the size of the buffer allocated to store it. This can occur because recvfrom() is passed an incorrect value for its "len" argument.

15. Squid Proxy Malformed HTTP Header Parsing Cache Poisoning Vu...
BugTraq ID: 12433
Remote: Yes
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12433
Summary: Squid Proxy is reported prone to a cache poisoning vulnerability when processing malformed HTTP requests and responses. This issue results from insufficient sanitization of user-supplied data. Squid versions 2.5 and earlier are reported prone to this issue.

16. D-BUS Session Bus Local Privilege Escalation Vulnerability
BugTraq ID: 12435
Remote: No
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12435
Summary: A local privilege escalation vulnerability affects D-BUS. This issue is due to a failure of the application to properly secure message bus sessions.
An attacker may leverage this issue to send messages to the message bus of an unsuspecting user. This may facilitate command execution with the privileges of the unsuspecting user, ultimately leading to privilege escalation.

17. Python SimpleXMLRPCServer Library Module Unauthorized Access...
BugTraq ID: 12437
Remote: Yes
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12437
Summary: A remote unauthorized access vulnerability affects Python. This issue is due to a failure of the API to properly secure access to sensitive internal data or functionality of registered objects and modules. A remote attacker may leverage this issue to gain unauthorized access to an affected computer. Other attacks are also possible.

18. SunShop Shopping Cart Cross-Site Scripting Vulnerability
BugTraq ID: 12438
Remote: Yes
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12438
Summary: SunShop Shopping Cart is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input. This issue is reported to affect SunShop Shopping Cart version 3.4RC1; earlier versions may also be affected.

19. Linux Kernel IPV6_Setsockopt IPV6_PKTOPTIONS Integer Overflo...
BugTraq ID: 12441
Remote: No
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12441
Summary: An integer overflow vulnerability is reported in the Linux kernel 'ipv6_setsockopt()' system call. This issue is related to the code for handling the IPV6_PKTOPTIONS socket option, which is used to provide the kernel with IPv6 options for a designation socket. This issue may be exploited by a local user to compromise the system. Exploitation could also result in a denial of service. It should be noted that this type of vulnerability might provide a generic means of privilege escalation across Linux distributions once a remote attacker has gained unauthorized access as a lower privileged user.
**Update: Conflicting reports suggest that this issue is not in fact a vulnerability. It is reported that the 'optlen' value is sanitized in 'linux/net/socket.c' before reaching the code that is reported vulnerable.

20. ht://Dig Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 12442
Remote: Yes
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12442
Summary: ht://Dig is reported prone to an unspecified cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI data prior to including it in dynamically generated Web page content. All versions of ht://Dig are considered vulnerable at the moment. This BID will be updated when more information becomes available.

21. Postfix IPv6 Unauthorized Mail Relay Vulnerability
BugTraq ID: 12445
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12445
Summary: Postfix is prone to a vulnerability that allows the application to be abused as a mail relay. Arbitrary mail may be sent to any MX host with an IPv6 address. This could be exploited by spammers or other malicious parties. Postfix 2.1.3 is reported prone to this issue. It is possible that other versions are affected as well.

22. PowerDNS Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 12446
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12446
Summary: PowerDNS is reported prone to an unspecified remote denial of service vulnerability. It is conjectured that this issue likely results from the failure of the application to handle exceptional conditions. PowerDNS versions prior to 2.9.17 are reported vulnerable to this issue.

23. Netgear DG834 ADSL Firewall Router Insecure Configuration Vu...
BugTraq ID: 12447
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12447
Summary: The Netgear DG834 ADSL Firewall Router is reported prone to a firewall insecure configuration vulnerability. It is reported that when the affected appliance is configured so that NAT (Network Address Translation) is disabled the firewall becomes ineffective. This vulnerability will result in a false sense of security where a user may believe that their network and appliance is protected when it is not.
February 11th 2005 (SN) Part A
Secunia
[SA14167] Debian update for php3
Critical: Highly critical
Where: From remote
Impact: System access, Security Bypass
Released: 2005-02-07
Debian has issued an update for php3. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security functionality or compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14167/

[SA14156] Gentoo update for openmotif
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-07
Gentoo has issued an update for openmotif. This fixes multiple vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14156/

[SA14149] SUSE Updates for Multiple Packages
Critical: Highly critical
Where: From remote
Impact: Unknown, Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access
Released: 2005-02-07
SUSE has issued updates for multiple packages. These fix various vulnerabilities, where some have an unknown impact, and others can be exploited to cause a DoS (Denial of Service), perform spoofing and cross-site scripting attacks, disclose sensitive information, perform certain actions with escalated privileges, or compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14149/

[SA14140] Gentoo update for lesstif
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-02-07
Gentoo has issued an update for lesstif. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14140/

[SA14245] Red Hat update for emacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-11
Red Hat has issued an update for emacs.
This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14245/

[SA14242] Fedora update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-11
Fedora has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14242/

[SA14241] Red Hat update for squirrelmail
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, Cross Site Scripting
Released: 2005-02-11
Red Hat has issued an update for squirrelmail. This fixes three vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14241/

[SA14240] Red Hat update for xemacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-11
Red Hat has issued an update for xemacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14240/

[SA14239] Red Hat update for kdelibs/kdebase
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System access
Released: 2005-02-11
Red Hat has issued updates for kdelibs and kdebase. These fix some vulnerabilities, which can be exploited by malicious people to conduct FTP command injection attacks, spoof the content of websites, bypass certain security restrictions and compromise a user's system.
Full Advisory: http://secunia.com/advisories/14239/

[SA14238] Gentoo update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-11
Gentoo has issued an update for mailman.
This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14238/

[SA14229] Mandrake update for enscript
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-11
MandrakeSoft has issued an update for enscript. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14229/

[SA14227] Mandrake update for python
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-11
MandrakeSoft has issued an update for python. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14227/

[SA14223] Debian update for mailman
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Exposure of sensitive information
Released: 2005-02-11
Debian has issued an update for mailman. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14223/

[SA14222] Red Hat update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-11
Red Hat has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14222/

[SA14220] HP-UX BIND Unspecified Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-02-10
A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14220/

[SA14215] Debian update for evolution
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, System access
Released: 2005-02-10
Debian has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14215/

[SA14212] Ubuntu update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-10
Ubuntu has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14212/

[SA14211] Mailman "private.py" Directory Traversal Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-10
John Cartwright has reported a vulnerability in Mailman, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14211/

[SA14208] SUSE update for squid
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, DoS, System access
Released: 2005-02-11
SUSE has issued an update for squid, which fixes multiple vulnerabilities. One has an unknown impact, and others can be exploited to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14208/

[SA14207] Gentoo update for pdftohtml
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-10
Gentoo has issued an update for pdftohtml. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14207/

[SA14202] Gentoo update for python
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-09
Gentoo has issued an update for python. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14202/

[SA14196] Fedora update for emacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-09
Fedora has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14196/

[SA14194] Debian update for emacs20
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-09
Debian has issued an update for emacs20. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14194/

[SA14191] Debian update for xemacs21
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-09
Debian has issued an update for xemacs21. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14191/

[SA14185] Ubuntu update for squid
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, DoS
Released: 2005-02-08
Ubuntu has issued an update for squid, which fixes various vulnerabilities. One has an unknown impact, and others can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14185/

[SA14182] Frox Deny ACL Security Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-02-08
A vulnerability has been reported in Frox, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14182/

[SA14178] UnixWare update for racoon
Critical: Moderately critical
Where: From remote
Impact: Hijacking, Security Bypass, Manipulation of data, DoS
Released: 2005-02-08
SCO has issued an update for racoon. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), establish unauthorised connections, bypass certain security restrictions, and conduct MitM (Man-in-the-Middle) attacks.
Full Advisory: http://secunia.com/advisories/14178/

[SA14168] Ubuntu update for emacs21-bin-common
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-08
Ubuntu has issued an update for emacs21-bin-common. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14168/

[SA14166] OmniWeb IDN Spoofing Security Issue
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2005-02-07
Eric Johanson has reported a security issue in OmniWeb, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.
Full Advisory: http://secunia.com/advisories/14166/

[SA14164] Safari IDN Spoofing Security Issue
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2005-02-07
Eric Johanson has reported a security issue in Safari, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.
Full Advisory: http://secunia.com/advisories/14164/

[SA14162] KDE Applications IDN Spoofing Security Issue
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2005-02-07
Eric Johanson has reported a security issue in Konqueror, which can be exploited by a malicious web site to spoof the URL displayed in the address bar and status bar.
Full Advisory: http://secunia.com/advisories/14162/

[SA14158] Debian update for python2.2
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-07
Debian has issued an update for python2.2. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14158/

[SA14150] Fedora update for python
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-07
Fedora has issued an update for python. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14150/

[SA14148] GNU Emacs "popmail()" Format String Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-08
A vulnerability has been reported in GNU Emacs, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14148/

[SA14137] Ubuntu Postfix IPv6 Relaying Security Issue
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-02-04
Ubuntu has issued an update for postfix. This fixes a security issue, which can be exploited by malicious people to use a vulnerable system as an open relay.
Full Advisory: http://secunia.com/advisories/14137/

[SA14133] Mozilla Application Suite "MSG_UnEscapeSearchUrl()" Buffer Overflow
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-02-04
HP has confirmed a vulnerability in Mozilla Application Suite for Tru64 UNIX, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
Full Advisory: http://secunia.com/advisories/14133/

[SA14129] Ubuntu update for python
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-04
Ubuntu has issued updates for python2.2 and python2.3. These fix a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14129/

[SA14201] Avaya krb5 Two Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-10
Avaya has acknowledged some vulnerabilities in krb5, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges and by malicious users to potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14201/

[SA14132] HP CIFS Server Security Descriptor Parsing Integer Overflow
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2005-02-04
HP has acknowledged a vulnerability in CIFS Server, which can be exploited by malicious users to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14132/

[SA14130] Sun Solaris Samba Integer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2005-02-04
Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious users to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14130/

[SA14184] Fedora update for postgresql
Critical: Less critical
Where: From remote
Impact: Unknown, Security Bypass, Privilege escalation
Released: 2005-02-08
Fedora has issued an update for postgresql. This fixes various vulnerabilities, where some have an unknown impact and others can be exploited by malicious users to gain escalated privileges or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14184/
Secunia - Part B
[SA14170] UnixWare / OpenServer TCP Connection Reset Denial of Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-08
SCO has acknowledged a vulnerability in UnixWare and OpenServer, which can be exploited by malicious people to reset established TCP connections on a vulnerable system.
Full Advisory: http://secunia.com/advisories/14170/

[SA14228] Mandrake update for squid
Critical: Less critical
Where: From local network
Impact: Security Bypass, DoS
Released: 2005-02-11
MandrakeSoft has issued an update for squid. This fixes a vulnerability and a security issue, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14228/

[SA14157] Debian update for squid
Critical: Less critical
Where: From local network
Impact: Security Bypass, DoS
Released: 2005-02-07
Debian has issued an update for squid. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14157/

[SA14237] IBM AIX netpmon Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-11
iDEFENSE has reported a vulnerability in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14237/

[SA14231] IBM AIX ipl_varyon Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-11
iDEFENSE has reported a vulnerability in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14231/

[SA14230] Mandrake update for cpio
Critical: Less critical
Where: Local system
Impact: Manipulation of data, Exposure of sensitive information
Released: 2005-02-11
MandrakeSoft has issued an update for cpio. This fixes a vulnerability, which can be exploited by malicious, local users to disclose and manipulate information.
Full Advisory: http://secunia.com/advisories/14230/

[SA14226] Mandrake update for mysql
Critical: Less critical
Where: Local system
Impact: Manipulation of data, Exposure of sensitive information, Privilege escalation
Released: 2005-02-11
MandrakeSoft has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Full Advisory: http://secunia.com/advisories/14226/

[SA14218] Debian update for xview
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-10
Debian has issued an update for xview. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14218/

[SA14213] XView "xv_parse_one()" Buffer Overflow Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-10
Erik Sjölund has reported a vulnerability in XView, which potentially can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14213/

[SA14203] Mandrake update for perl
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-09
MandrakeSoft has issued an update for perl. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14203/

[SA14200] Avaya Various Products Kernel Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2005-02-09
Avaya has acknowledged some vulnerabilities in various products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14200/

[SA14199] Mandrake update for perl-DBI
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-09
MandrakeSoft has issued an update for perl-DBI. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Full Advisory: http://secunia.com/advisories/14199/

[SA14198] IBM AIX auditselect Format String Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-09
iDEFENSE has reported a vulnerability in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14198/

[SA14188] Mac OS X Finder Insecure File Creation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
vade79 has discovered a vulnerability in Finder, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Full Advisory: http://secunia.com/advisories/14188/

[SA14186] Red Hat update for perl
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
Red Hat has issued an update for perl. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14186/

[SA14176] SCO OpenServer "enable" Buffer Overflow Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
A vulnerability has been reported in OpenServer, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14176/

[SA14175] UnixWare update for foomatic-rip
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
SCO has issued an update for foomatic-rip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14175/

[SA14173] IBM AIX chdev Format String Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
iDEFENSE has reported a vulnerability in AIX, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14173/

[SA14171] Gentoo update for postgresql
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
Gentoo has issued an update for postgresql. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14171/

[SA14159] osh "iopen()" Buffer Overflow Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-08
Charles Stevenson has reported a vulnerability in osh, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14159/

[SA14152] Avaya PDS Multiple Privilege Escalation Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-07
Avaya has acknowledged some vulnerabilities in PDS, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14152/

[SA14151] Debian update for postgresql
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-07
Debian has issued an update for postgresql. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14151/

[SA14139] Debian update for ncpfs
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-04
Debian has issued an update for ncpfs. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Full Advisory: http://secunia.com/advisories/14139/

[SA14138] Ubuntu update for cpio
Critical: Less critical
Where: Local system
Impact: Manipulation of data, Exposure of sensitive information
Released: 2005-02-04
Ubuntu has issued an update for cpio. This fixes a vulnerability, which can be exploited by malicious, local users to disclose and manipulate information.
Full Advisory: http://secunia.com/advisories/14138/

[SA14153] Avaya CMS UDP End Point Handling Denial of Service
Critical: Not critical
Where: Local system
Impact: DoS
Released: 2005-02-07
Avaya has acknowledged a vulnerability in CMS, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14153/

[SA14216] F-Secure Multiple Products ARJ Archive Handling Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-10
ISS X-Force has reported a vulnerability in multiple F-Secure products, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14216/

[SA14179] Symantec Multiple Products UPX Parsing Engine Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-09
ISS X-Force has reported a vulnerability in multiple Symantec products, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14179/

[SA14205] MyPHP Forum Multiple SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-02-10
foster GHC has reported some vulnerabilities in MyPHP Forum, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory: http://secunia.com/advisories/14205/

[SA14181] xGB Administrative User Authentication Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-02-08
Albania Security Clan has reported a vulnerability in xGB, which can be exploited by malicious people to bypass the user authentication and gain administrative access.
Full Advisory: http://secunia.com/advisories/14181/

[SA14165] Netscape IDN Spoofing Security Issue
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2005-02-07
Eric Johanson has reported a security issue in Netscape, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.
Full Advisory: http://secunia.com/advisories/14165/

[SA14163] Mozilla / Firefox / Camino IDN Spoofing Security Issue
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2005-02-07
Eric Johanson has reported a security issue in Mozilla / Firefox / Camino, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.
Full Advisory: http://secunia.com/advisories/14163/

[SA14154] Opera IDN Spoofing Security Issue
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2005-02-07
Eric Johanson has reported a security issue in Opera, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.
Full Advisory: http://secunia.com/advisories/14154/

[SA14143] Chipmunk Forum Multiple SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-02-07
GHC vision has reported some vulnerabilities in Chipmunk Forum, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory: http://secunia.com/advisories/14143/

[SA14142] CMScore Multiple SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-02-07
GHC vision has reported some vulnerabilities in CMScore, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory: http://secunia.com/advisories/14142/

[SA14141] BXCP "show" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-07
Majest has reported a vulnerability in BXCP, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14141/

[SA14183] BrightStor ARCserve Backup Discovery Service Buffer Overflow
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2005-02-08
Patrik Karlsson has reported a vulnerability in BrightStor ARCserve/Enterprise Backup, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14183/

[SA14160] Mozilla / Firefox Three Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data
Released: 2005-02-08
mikx has discovered three vulnerabilities in Mozilla and Firefox, which can be exploited by malicious people to plant malware on a user's system, conduct cross-site scripting attacks and bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14160/

[SA14135] PowerDNS Traffic Handling Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-04
A vulnerability has been reported in PowerDNS, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14135/

[SA14131] Claroline Add Course Script Insertion Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-04
Yiannis Girod has reported a vulnerability in Claroline, which can be exploited by malicious users to conduct script insertion attacks.
Full Advisory: http://secunia.com/advisories/14131/

[SA14204] Emdros MQL Parser Memory Leak Vulnerabilities
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-09
Some vulnerabilities have been reported in Emdros, which potentially can be exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14204/
February 11th 2005 (LAW)
Linux Advisory Watch
Distribution: Debian

* Debian: New Python2.2 packages fix unauthorised XML-RPC access
4th, February, 2005
For the stable distribution (woody) this problem has been fixed in version 2.2.1-4.7. No other version of Python in woody is affected.
http://www.linuxsecurity.com/content/view/118182

* Debian: New squid packages fix several vulnerabilities
4th, February, 2005
LDAP is very forgiving about spaces in search filters and this could be abused to log in using several variants of the login name, possibly bypassing explicit access controls or confusing accounting.
http://www.linuxsecurity.com/content/view/118184

* Debian: New php3 packages fix several vulnerabilities
7th, February, 2005
http://www.linuxsecurity.com/content/view/118192

* Debian: New emacs20 packages fix arbitrary code execution
8th, February, 2005
http://www.linuxsecurity.com/content/view/118207

* Debian: New PostgreSQL packages fix arbitrary library loading
4th, February, 2005
http://www.linuxsecurity.com/content/view/118186

* Debian: New xemacs21 packages fix arbitrary code execution
8th, February, 2005
http://www.linuxsecurity.com/content/view/118210

* Debian: New xview packages fix potential arbitrary code execution
9th, February, 2005
http://www.linuxsecurity.com/content/view/118222

* Debian: New evolution packages fix arbitrary code execution as root
10th, February, 2005
Max Vozeler discovered an integer overflow in a helper application inside of Evolution, a free groupware suite. A local attacker could cause the setuid root helper to execute arbitrary code with elevated privileges.
http://www.linuxsecurity.com/content/view/118234

* Debian: New mailman packages fix several vulnerabilities
10th, February, 2005
http://www.linuxsecurity.com/content/view/118235

* Debian: New hztty packages fix local utmp exploit
10th, February, 2005
http://www.linuxsecurity.com/content/view/118245

Distribution: Fedora

* Fedora Core 3 Update: system-config-printer-0.6.116.1.1-1
4th, February, 2005
http://www.linuxsecurity.com/content/view/118187

* Fedora Core 3 Update: hwbrowser-0.19-0.fc3.2
4th, February, 2005
http://www.linuxsecurity.com/content/view/118188

* Fedora Core 3 Update: python-2.3.4-13.1
4th, February, 2005
An object traversal bug was found in the Python SimpleXMLRPCServer.
http://www.linuxsecurity.com/content/view/118190

* Fedora Core 3 Update: postgresql-7.4.7-1.FC3.2
7th, February, 2005
http://www.linuxsecurity.com/content/view/118202

* Fedora Core 2 Update: postgresql-7.4.7-1.FC2.2
7th, February, 2005
http://www.linuxsecurity.com/content/view/118203

* Fedora Core 2 Update: cups-1.1.20-11.11
8th, February, 2005
A problem with PDF handling was discovered by Chris Evans, and has been fixed. The Common Vulnerabilities and Exposures project (www.mitre.org) has assigned the name CAN-2004-0888 to this issue. FEDORA-2004-337 attempted to correct this but the patch was incomplete.
http://www.linuxsecurity.com/content/view/118212

* Fedora Core 3 Update: cups-1.1.22-0.rc1.8.5
8th, February, 2005
A problem with PDF handling was discovered by Chris Evans, and has been fixed. The Common Vulnerabilities and Exposures project (www.mitre.org) has assigned the name CAN-2004-0888 to this issue. FEDORA-2004-337 attempted to correct this but the patch was incomplete.
http://www.linuxsecurity.com/content/view/118213

* Fedora Core 2 Update: hotplug-2004_04_01-1.1
8th, February, 2005
This update fixes updfstab in the presence of multiple USB plug/unplug events.
http://www.linuxsecurity.com/content/view/118214

* Fedora Core 3 Update: emacs-21.3-21.FC3
8th, February, 2005
This update fixes the CAN-2005-0100 movemail vulnerability and backports the latest bug fixes.
http://www.linuxsecurity.com/content/view/118219

* Fedora Core 2 Update: xpdf-3.00-3.8
9th, February, 2005
http://www.linuxsecurity.com/content/view/118223

* Fedora Core 3 Update: xpdf-3.00-10.4
9th, February, 2005
http://www.linuxsecurity.com/content/view/118224

* Fedora Core 3 Update: kdegraphics-3.3.1-2.4
9th, February, 2005
http://www.linuxsecurity.com/content/view/118225

* Fedora Core 2 Update: kdegraphics-3.2.2-1.4
9th, February, 2005
http://www.linuxsecurity.com/content/view/118226

* Fedora Core 2 Update: gpdf-2.8.2-4.1
9th, February, 2005
http://www.linuxsecurity.com/content/view/118230

* Fedora Core 3 Update: gpdf-2.8.2-4.2
9th, February, 2005
http://www.linuxsecurity.com/content/view/118231

* Fedora Core 3 Update: mailman-2.1.5-30.fc3
10th, February, 2005
There is a critical security flaw in Mailman 2.1.5 which will allow attackers to read arbitrary files.
http://www.linuxsecurity.com/content/view/118243

* Fedora Core 2 Update: mailman-2.1.5-8.fc2
10th, February, 2005
There is a critical security flaw in Mailman 2.1.5 which will allow attackers to read arbitrary files.
http://www.linuxsecurity.com/content/view/118244

* Fedora Core 2 Update: mod_python-3.1.3-1.fc2.2
10th, February, 2005
Graham Dumpleton discovered a flaw affecting the publisher handler of mod_python, used to make objects inside modules callable via URL.
http://www.linuxsecurity.com/content/view/118252

* Fedora Core 3 Update: mod_python-3.1.3-5.2
10th, February, 2005
Graham Dumpleton discovered a flaw affecting the publisher handler of mod_python, used to make objects inside modules callable via URL.
http://www.linuxsecurity.com/content/view/118253

Distribution: Gentoo

* Gentoo: pdftohtml Vulnerabilities in included Xpdf
9th, February, 2005
pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.
http://www.linuxsecurity.com/content/view/118221

* Gentoo: LessTif Multiple vulnerabilities in libXpm
6th, February, 2005
Multiple vulnerabilities have been discovered in libXpm, which is included in LessTif, that can potentially lead to remote code execution.
http://www.linuxsecurity.com/content/view/118191

* Gentoo: PostgreSQL Local privilege escalation
7th, February, 2005
The PostgreSQL server can be tricked by a local attacker to execute arbitrary code.
http://www.linuxsecurity.com/content/view/118199

* Gentoo: OpenMotif Multiple vulnerabilities in libXpm
7th, February, 2005
Multiple vulnerabilities have been discovered in libXpm, which is included in OpenMotif, that can potentially lead to remote code execution.
http://www.linuxsecurity.com/content/view/118193

* Gentoo: Python Arbitrary code execution through SimpleXMLRPCServer
8th, February, 2005
Python-based XML-RPC servers may be vulnerable to remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/118216

* Gentoo: Python Arbitrary code execution through SimpleXMLRPCServer
10th, February, 2005
Python-based XML-RPC servers may be vulnerable to remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/118240

* Gentoo: Mailman Directory traversal vulnerability
10th, February, 2005
Mailman fails to properly sanitize input, leading to information disclosure.
http://www.linuxsecurity.com/content/view/118242

* Gentoo: Gallery Cross-site scripting vulnerability
10th, February, 2005
Gallery 1.4.4-pl5, which was intended to fix a cross-site scripting vulnerability, did not actually resolve the issue.
The Gallery Development Team have released version 1.4.4-pl6 to properly solve this problem.
http://www.linuxsecurity.com/content/view/118251

Distribution: Mandrake

* Mandrake: Updated perl-DBI packages
8th, February, 2005
Javier Fernandez-Sanguino Pena discovered the perl5 DBI library created a temporary PID file in an insecure manner, which could be exploited by a malicious user to overwrite arbitrary files owned by the user executing the parts of the library. The updated packages have been patched to prevent these problems.
http://www.linuxsecurity.com/content/view/118217

* Mandrake: Updated perl packages fix
8th, February, 2005
Updated perl package.
http://www.linuxsecurity.com/content/view/118218

Distribution: Red Hat

* RedHat: Updated Perl packages fix security issues
7th, February, 2005
Updated Perl packages that fix several security issues are now available for Red Hat Enterprise Linux 3.
http://www.linuxsecurity.com/content/view/118195

* RedHat: Updated mailman packages fix security
10th, February, 2005
Updated mailman packages that correct a mailman security issue are now available.
http://www.linuxsecurity.com/content/view/118239

* RedHat: Updated kdelibs and kdebase packages correct
10th, February, 2005
Updated kdelibs and kdebase packages that resolve several security issues are now available.
http://www.linuxsecurity.com/content/view/118246

* RedHat: Updated mod_python package fixes security issue
10th, February, 2005
An updated mod_python package that fixes a security issue in the publisher handler is now available.
http://www.linuxsecurity.com/content/view/118247

* RedHat: Updated emacs packages fix security issue
10th, February, 2005
Updated Emacs packages that fix a string format issue are now available.
http://www.linuxsecurity.com/content/view/118248

* RedHat: Updated xemacs packages fix security issue
10th, February, 2005
Updated XEmacs packages that fix a string format issue are now available.
http://www.linuxsecurity.com/content/view/118249

* RedHat: Updated Squirrelmail package fixes security
10th, February, 2005
An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3.
http://www.linuxsecurity.com/content/view/118250

Distribution: SuSE

* SuSE: kernel bugfixes and SP1 merge
4th, February, 2005
Two weeks ago we released the Service Pack 1 for our SUSE Linux Enterprise Server 9 product. Due to the strict code freeze we were not able to merge all the security fixes from the last kernel update on Jan 23rd (SUSE-SA:2005:003) into this kernel.
http://www.linuxsecurity.com/content/view/118185

* SuSE: squid (SUSE-SA:2005:006)
10th, February, 2005
The last two squid updates from February the 1st and 10th fix several vulnerabilities. Their impact ranges from remote denial of service, through cache poisoning, to possible remote command execution.
http://www.linuxsecurity.com/content/view/118241