SuSE Essential and Critical Security Patch Updates - Page 789

Security hole in i4l (xmonisdn)

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

xmonisdn which is part of the i4l package is installed setuid root by default. To control and display the status of the ISDN network connections xmonisdn uses external programs, which are executed by the system() systemcall, without taking care of a safe environment. The problem arises by old libc, that don't overwrite the IFS environment variable.

LinuxSecurity.com Team
Dec 08, 1999

Security hole in samba

a) A setuid root installed smbmnt could lead to a security breach due to a race condition. b) The NetBIOS name server nmbd is vulnerable to a denial-of-service attack. c) The message service of the SMB-/CIFS-server has got a buffer overflow.

LinuxSecurity.com Team
Dec 08, 1999

Security hole in Klock

The KDE screensaver klock includes a bug, which allows to bypass the password authentication. While klock waits for kcheckpass to verify the password a timer is triggered and the dialog box is deleted. After kcheckpass completes klock crashs.

LinuxSecurity.com Team
Dec 08, 1999

Security hole in Man (man_db)

The zsoelim program, which is part of the man package, creates files in /tmp without security checkings.

LinuxSecurity.com Team
Dec 08, 1999

Execution of commands in Pine 4.x

By sending a malicious formated email pine could be tricked into executing shell scripts or binary programs.

LinuxSecurity.com Team
Dec 07, 1999

Denial of Service on the 2.2 kernel

The Linux kernel 2.2.x doesn't correctly parse the IP options, which leads to kernel panic.

LinuxSecurity.com Team
Dec 07, 1999

Security hole in INN

The innd wrapper inndstart could be tricked to execute arbitrary code by editing the environment (INNCONF), by modifing the inn.conf file or by overflowing a buffer.

LinuxSecurity.com Team
Dec 07, 1999

Security hole in XFree86

XFree86 creates a directory in /tmp with the name .X11-unix for the X sockets and sets the directory to mode 1777. If an attacker creates a symlink with that filename and points it to another directory (e.g. /root), the permissions of the target directory is set to 1777.

LinuxSecurity.com Team
Dec 07, 1999

The default permissions on /dev/kmem is insecure

The default permissions on /dev/kmem is insecure. A bug in all Linux 2.0.x kernels except 2.0.36 have a vulnerability which makes blind ip-spoofing possible.

LinuxSecurity.com Team
Dec 07, 1999

Security hole in Netscape Communicator's 4.5

The Netscape Communicator 4.5 comes with "talkback", a quality enhancement tool by Fullcircle (www.fullcircle.com). If the communicator crashs for any reason, the file with the name /tmp/.$UID.talkback is read in, and the pid in this file is killed. After that, the file is truncated/created without checks for {sym|hard}links and the pid of the current talkback process is written into the file.

LinuxSecurity.com Team
Dec 07, 1999

Get the Latest News & Insights

SuSE Essential and Critical Security Patch Updates - Page 789

Security hole in i4l (xmonisdn)

Security hole in samba

Security hole in Klock

Security hole in Man (man_db)

Execution of commands in Pine 4.x

Denial of Service on the 2.2 kernel

Security hole in INN

Security hole in XFree86

The default permissions on /dev/kmem is insecure

Security hole in Netscape Communicator's 4.5

LinuxSecurity Poll

Do you mostly use Linux for desktops or for servers?

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By