Two new security updates for Debian GNU/Linux are available:
DSA-277-1 apcupsd -- buffer overflows, format string
The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks. These bugs can be exploited remotely by an attacker to gain root access to the machine apcupsd is running on.
Read more
DSA-276-1 linux-kernel-s390 -- local privilege escalation
The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible.
Read more
DSA-277-1 apcupsd -- buffer overflows, format string
The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks. These bugs can be exploited remotely by an attacker to gain root access to the machine apcupsd is running on.
Read more
DSA-276-1 linux-kernel-s390 -- local privilege escalation
The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible.
Read more
