Debian Linux Distribution - Page 292

Find the information you need for your favorite open source distribution .

New version of proftpd fixes remote exploits

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The proftpd version that was distributed in Debian GNU/Linux 2.1 had several buffer overruns that could be exploited by remote attackers. A short list of problems: * user input was used in snprintf() without sufficient checks * there was an overflow in the log_xfer() routine * you could overflow a buffer by using very long pathnames

New versions of lpr released

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The version of lpr that was distributed with Debian GNU/Linux 2.1 suffers from a couple of problems: * there was a race in lpr that could be exploited by users to print files they can not normally read * lpd did not check permissions of queue-files. As a result by using the -s flag it could be tricked into printing files a user can otherwise not read

New version of nis released

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems: * ypserv allowed any machine in the NIS domain to insert new tables * rpc.yppasswd had a bufferoverflow in its MD5 code * rpc.yppasswd allowed users to change the GECOS and loginshell entries of other users

New version of mirror fixes remote exploit

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We have received reports that the version of mirror as distributed in Debian GNU/Linux 2.1 could be remotely exploited. When mirroring a remote site the remote site could use filename-constructions like " .." that would case mirror to work one level above the target directory for the mirrored files.

New version of amd fixes remove exploit

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The version of amd that was distributed with Debian GNU/Linux 2.1 is vulnerable to a remote exploit. Passing a big directory name to amd its logging code would overflow a buffer which could be exploited. This has been fixed in version 23.0slink1.

New versions of epic4 fixes possible DoS vulnerability

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We have received a report from the author of epic4 covering a denial of service vulnerability. All versions of epic4 between version pre1.034 (including) and version pre2.004-19990718 (excluding) are vulnerable. They contain code which makes epic4 walk off of a string, causing the client to crash and possibly display arbitrary characters on the terminal.

New versions of termcap-compat fixes buffer overflow

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We have received a report that former versions of libtermcap contained an exploitable buffer overflow. Debian itself is not exploitable by this bug since termcap was abandoned in favour of terminfo long ago. However, if you have compiled your own programs using termcap or have installed third party programs that depend on libtermcap and run as root they are exploitable.

New versions of mailman fixes cookie attack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We have become aware that the version mailman as supplied in Debian GNU/Linux 2.1 has a problem with verifying list administrators. The problem is that the cookie value generation used was predictable, so using forged authentication cookies it was possible to access the list administration webpages without knowing the proper password.

New version if ipopd prevents exploit

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We have received reports that the version of the imap suite in Debian GNU/Linux 2.1 has a vulnerability in its POP-2 daemon, which can be found in the ipopd package. Using this vulnerability it is possible for remote users to get a shell as user "nobody" on the server.

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo