Security 10929 Published by Philipp Esselbach 0

Two new security updates for Mandrake Linux have been released:

MDKSA-2003:046 : gtkhtml

A vulnerability in GtkHTML was discovered by Alan Cox with the Evolution email client. GtkHTML is used to handle HTML messages in Evolution and certain malformed messages could cause Evolution to crash due to this bug.


MDKSA-2003:045 : evolution

Several vulnerabilities were discovered in the Evolution email client. These problems make it possible for a carefully constructed email message to crash the program, causing general system instability by starving resources.


Two new security updates for Debian GNU/Linux are now available:

DSA-282-1 glibc -- integer overflow

eEye Digital Security discovered an integer overflow in the xdrmem_getbytes() function which is also present in GNU libc. This function is part of the XDR (external data representation) encoder/decoder derived from Sun's RPC implementation. Depending upon the application, this vulnerability can cause buffer overflows and could possibly be exploited to execute arbitrary code.


DSA-281-1 moxftp -- buffer overflow

Knud Erik Højgaard discovered a vulnerability in moxftp (and xftp respectively), an Athena X interface to FTP. Insufficient bounds checking could lead to execution of arbitrary code, provided by a malicious FTP server. Erik Tews fixed this.


Red Hat has released new updates for Red Hat Linux 8.0 and 9:

Red Hat 9
- Updated RHN Notification Tool available
- New samba packages fix security vulnerability
- Updated httpd packages fix security vulnerabilities.
- Updated 2.4 kernel fixes USB storage


Red Hat 8.0
- Updated RHN Notification Tool available
- New samba packages fix security vulnerability
- Updated httpd packages fix security vulnerabilities.
- Updated mgetty packages available


The following security updates for Debian GNU/Linux have been released:

DSA-280-1 samba -- buffer overflow

Digital Defense, Inc. has alerted the Samba Team to a serious vulnerability in Samba, a LanManager-like file and printer server for Unix. This vulnerability can lead to an anonymous user gaining root access on a Samba serving system. An exploit for this problem is already circulating and in use.

Since the packages for potato are quite old, it is likely that they contain more security-relevant bugs than we know of. You are therefore advised to upgrade your systems running Samba to woody soon.


DSA-279-1 metrics -- insecure temporary file creation

Paul Szabo and Matt Zimmerman discovered two similar problems in metrics, a tool for software metrics. Two scripts in this package, "halstead" and "gather_stats", open temporary files without taking appropriate security precautions. "halstead" is installed as a user program, while "gather_stats" is only used in an auxiliary script included in the source code. These vulnerabilities could allow a local attacker to overwrite files owned by the user running the scripts, including root.


The Samba Team released a patch on Monday for the second major security flaw found in the past few weeks in the open-source group's widely used program for sharing Windows files between Unix and Linux systems.


Two new security updates for Debian GNU/Linux are available:

DSA-277-1 apcupsd -- buffer overflows, format string

The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks. These bugs can be exploited remotely by an attacker to gain root access to the machine apcupsd is running on.


DSA-276-1 linux-kernel-s390 -- local privilege escalation

The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible.


A new security update for Debian GNU/Linux has been released:

DSA-275-1 lpr-ppd -- buffer overflow

A buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer spooling system. This problem can be exploited by a local user to gain root privileges, even if the printer system is set up properly.


MandrakeSoft has released the following security updates for Mandrake Linux:

MDKSA-2003:043 - krb5
MDKSA-2003:042 - sendmail
MDKSA-2003:041 - mutt
MDKSA-2003:040 - Eterm


Red Hat has released new security updates:

New samba packages

Updated Samba packages for Red Hat Linux 9 are now included. Please note that this issue only affects Red Hat Linux 9 boxed sets manufactured for distribution within the United States. The part numbers, which can be found on the bottom flap of the box, are RHF0120US and RHF0121US.


Updated OpenSSL packages

Updated OpenSSL packages for Red Hat Linux 6.2 through 9 are available that fix a potential timing-based attack and a modified Bleichenbacher attack.


The following new security updates are available for Gentoo Linux:

- GLSA: dietlibc (200303-29)
- GLSA: krb5 & mit-krb5 (200303-28)
- GLSA: sendmail (200303-27)
- GLSA: openafs (200303-26)
