Find the information you need for your favorite open source distribution .
The version of sendmail that was listed in the earlier advisory today was compiled with the wrong version of libc. This has been corrected in version 8.9.3-3slink1.0.1 .
The version of dump that was distributed with Debian GNU/Linux 2.1 suffers from a problem with restoring symbolic links.
The version of sendmail that was distributed with Debian GNU/Linux 2.1 has a slight problem in the code to regenerate the aliases database. Sendmail allowed any user to run sendmail with the -bi option to (re)initialize the aliases database. The user could then interrupt sendmail and leave the system with a broken aliases database.
The version bind that was distributed in Debian GNU/Linux 2.1 has a vulnerability in the processing of NXT records that can be used by an attacked in a Debian of Service attack or theoretically be exploited to gain access to the server.
The version of nfs-server that was distributed in Debian GNU/Linux 2.1 had a buffer overflow in fh_buildpath(). It assumed that the total length of a path would never exceed (PATH_MAX_NAME_MAX). With a read/write exported directory people could created longes path and cause a bufferoverflow.
The proftpd version that was distributed in Debian GNU/Linux 2.1 had several buffer overruns that could be exploited by remote attackers. A short list of problems: * user input was used in snprintf() without sufficient checks * there was an overflow in the log_xfer() routine * you could overflow a buffer by using very long pathnames
The version of lpr that was distributed with Debian GNU/Linux 2.1 suffers from a couple of problems: * there was a race in lpr that could be exploited by users to print files they can not normally read * lpd did not check permissions of queue-files. As a result by using the -s flag it could be tricked into printing files a user can otherwise not read
The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems: * ypserv allowed any machine in the NIS domain to insert new tables * rpc.yppasswd had a bufferoverflow in its MD5 code * rpc.yppasswd allowed users to change the GECOS and loginshell entries of other users
The version of amd that was distributed with Debian GNU/Linux 2.1 is vulnerable to a remote exploit. This was fixed in version 23.0slink1. However that fix contained an error which has been fixed in version upl102-23.slink2.
We have received reports that the version of mirror as distributed in Debian GNU/Linux 2.1 could be remotely exploited. When mirroring a remote site the remote site could use filename-constructions like " .." that would case mirror to work one level above the target directory for the mirrored files.
The version of amd that was distributed with Debian GNU/Linux 2.1 is vulnerable to a remote exploit. Passing a big directory name to amd its logging code would overflow a buffer which could be exploited. This has been fixed in version 23.0slink1.
Red Hat has recently released a Security Advisory (RHSA-1999:030-01) covering a reverse denial of service bug in the vixie cron package. As user you could restart sendmail even if the host should not receive mail through the SMTP port.
We have received a report from the author of epic4 covering a denial of service vulnerability. All versions of epic4 between version pre1.034 (including) and version pre2.004-19990718 (excluding) are vulnerable. They contain code which makes epic4 walk off of a string, causing the client to crash and possibly display arbitrary characters on the terminal.
All former versions of trn used a hardcoded filename in /tmp as temporary storage. If the file already exists as symbolic link to users files they will be overwritten.
Former versions of man2html uses a static file in /tmp for writing. This can lead into overwriting system files if a malicious user has created a symbolic link to it before upgrading man2html.
One year ago, we have received a report from SGI that a vulnerability has been discovered in the seyon program which can lead to a root compromise. Any user who can execute the seyon program can exploit this vulnerability.
This bug was experienced in May 1999 but wasn't reported on this channel yet. Former versions of the smtp-refuser package came with unchecked logging facility to /tmp/log. This allowed deleting arbitrary, root-owned files by any user who has write access to /tmp
We have received a report that former versions of libtermcap contained an exploitable buffer overflow. Debian itself is not exploitable by this bug since termcap was abandoned in favour of terminfo long ago. However, if you have compiled your own programs using termcap or have installed third party programs that depend on libtermcap and run as root they are exploitable.
This is an old report from May 1999 but it wasn't reported on this channel yet.
We have received reports that the version of xmonisdn as distributed in the isndutils package from Debian GNU/Linux 2.1 has a security problem.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
