OpenSUSE: Urgent Advisory for trn Package Critical File Overwrite Issue
The news reader trn uses a hardcoded temporary file, which resides in /tmp.
Find the information you need for your favorite open source distribution .
The news reader trn uses a hardcoded temporary file, which resides in /tmp.
A buffer overflow has been found in libtermcap's tgetent() function. If a setuid root program uses this function, the user could execute arbitrary code. SuSE Linux 6.0, 6.1 and 6.2 are not affected, since the only program using libtermcap is bc. This program is not setuid root.
xmonisdn which is part of the i4l package is installed setuid root by default. To control and display the status of the ISDN network connections xmonisdn uses external programs, which are executed by the system() systemcall, without taking care of a safe environment. The problem arises by old libc, that don't overwrite the IFS environment variable.
a) A setuid root installed smbmnt could lead to a security breach due to a race condition. b) The NetBIOS name server nmbd is vulnerable to a denial-of-service attack. c) The message service of the SMB-/CIFS-server has got a buffer overflow.
The KDE screensaver klock includes a bug, which allows to bypass the password authentication. While klock waits for kcheckpass to verify the password a timer is triggered and the dialog box is deleted. After kcheckpass completes klock crashs.