AI News Feed – Page 398 – Search.AI.Wiki

Fedora: Xboard predictable file-write exploit

XBoard 4.2.6 and older contains a script which writes to a file in /tmp with a predictable filename. Malicious users could use this vulnerability to force XBoard users to overwrite any file writableby them.…

Fedora: rsync heap overflow vulnerability

A heap overflow bug exists in rsync versions prior to 2.5.7. Onmachines where the rsync server has been enabled, a remote attackercould use this flaw to execute arbitrary code as an unprivileged user.…

Fedora: Kernel crash vulnerability

The kernel shipped with Fedora Core 1 was vulnerable to a bug in theerror return on a concurrent fork() with threaded exit() which could beexploited by a user level program to crash the kernel.…

Fedora: Etherial buffer overflow vulnerability

These updated ethereal packages fix a security problem found in versions prior to 0.9.16. It also fixes several other minor bugs and problems.…

FreeBSD: buffer management error

A bug has been found in OpenSSH's buffer handling where a buffer could be marked as grown when the actual reallocation failed.…

RedHat: up2date multiple vulnerabilities

This release also includes an updated RHNS-CA-CERT file, which contains an additional CA certificate. This is needed so that up2date can continue to communicate with Red Hat Network once the current CA certificate reaches its August 2003 expiration date.…

RedHat: man arbitrary code execution vulnerability

Versions of man before 1.51 have a bug where a malformed man file can cause a program named "unsafe" to be run.…

RedHat: zlib buffer overflow vulernability

Updated zlib packages are now available which fix a buffer overflow vulnerability.…

RedHat: micq denial of service vulnerability

Updated mICQ packages are available for Red Hat Linux versions 7.2 and 7.3 that fix a remote crash.…

RedHat: kerberos mutliple vulnerabilities

Updated Kerberos packages for Red Hat Linux 9 fix a number of vulnerabilities found in MIT Kerberos.…

RedHat: kerberos mutliple vulnerabilities

Updated Kerberos packages for Red Hat Linux 9 fix a number of vulnerabilities found in MIT Kerberos.…

FreeBSD: REVISED: openssl information leak

OpenSSL has been found to vulnerable to a timing-based attack on CBC ciphersuites used in SSL and TLS.…

FreeBSD: REVISED: openssl information leak

OpenSSL has been found to vulnerable to a timing-based attack on CBC ciphersuites used in SSL and TLS.…

RedHat: windowmaker buffer overflow vulnerability

Al Viro found a buffer overflow in Window Maker 0.80.0 and earlier which may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to…

FreeBSD: REVISED: bind multiple vulnerabilities

Several vulnerabilities have been discovered concerning bind 8.…

FreeBSD: REVISED: bind multiple vulnerabilities

Several vulnerabilities have been discovered concerning bind 8.…

FreeBSD: REVISED: smrsh arbitrary command execution vulnerability

Errors in smrsh's handling of command arguments with "||" or spaces may allow the execution of commands outside of those in its target directory.…

FreeBSD: ‘openssl’ Multiple vulnerabilities

At least one of the buffer overflows is known to be exploitable, andthe others may be as well. A successful exploit of an applicationusing OpenSSL may result in arbitrary code execution. Both clientsand servers may be attacked.…

RedHat: ‘mailman’ XSS Vulnerability

Updated mailman packages are now available for Red Hat Secure Web Server3.2 (U.S.). These updates resolve a cross-site scripting vulnerabilitypresent in versions of Mailman prior to 2.0.11.…

FreeBSD: Apache and other vulnerabilities

Apache, bind9, courier-imap, ethereal, fakebo, fragroute, ghostscript-gnu, icmpmonitor, imap-uw, mnews, nn, sharity-light, slurp, and xchat have been updated.…

文 » A