Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 730
Alerts This Week
Warning Icon 1 730

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
98

Red Hat: RHSA-2004:585-01 Critical: XChat Buffer Overflow Threat

An updated xchat package that fixes a stack buffer overflow in the SOCKSv5 proxy code.. --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated xchat package fixes SOCKSv5 proxy security issue Advisory ID: RHSA-2004:585-01 Issue date: 2004-10-27 Updated on: 2004-10-27 Product: Red Hat Enterprise Linux Keywords: X-Chat CVE Names: CAN-2004-0409 --------------------------------------------------------------------- 1. Summary: An updated xchat package that fixes a stack buffer overflow in the SOCKSv5 proxy code. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: X-Chat is a graphical IRC chat client for the X Window System. A stack buffer overflow has been fixed in the SOCKSv5 proxy code. An attacker could create a malicious SOCKSv5 proxy server in such a way that X-Chat would execute arbitrary code if a victim configured X-Chat to use the proxy. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0409 to this issue. Users of X-Chat should upgrade to this erratum package, which contains a backported security patch, and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer tothe following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 135238 - CAN-2004-0409 XChat buffer overflow in socks5 proxy 121333 - CAN-2004-0409 XChat buffer overflow in socks5 proxy 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: 6d5775b3f8aad029c4d793850ad886d7 xchat-1.8.9-1.21as.2.src.rpm i386: 903f03b6faffb88f391484b448c3f637 xchat-1.8.9-1.21as.2.i386.rpm ia64: 39a974df6da586d236283bff42e6bb3e xchat-1.8.9-1.21as.2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: 6d5775b3f8aad029c4d793850ad886d7 xchat-1.8.9-1.21as.2.src.rpm ia64: 39a974df6da586d236283bff42e6bb3e xchat-1.8.9-1.21as.2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: 6d5775b3f8aad029c4d793850ad886d7 xchat-1.8.9-1.21as.2.src.rpm i386: 903f03b6faffb88f391484b448c3f637 xchat-1.8.9-1.21as.2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: 6d5775b3f8aad029c4d793850ad886d7 xchat-1.8.9-1.21as.2.src.rpm i386: 903f03b6faffb88f391484b448c3f637 xchat-1.8.9-1.21as.2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: 24dcd2f613f5d14c1f091cdfc1fdd6ca xchat-2.0.4-4.EL.src.rpm i386: 431bffb1410d138f3fc7ddf98668654a xchat-2.0.4-4.EL.i386.rpm ia64: ad3c4335eacf54f0d1841e07d0168a49 xchat-2.0.4-4.EL.ia64.rpm ppc: fd3713f4b7d731c451b7d787857c1a74 xchat-2.0.4-4.EL.ppc.rpm s390: 696feca825d882bd23a594c6016e3fd6 xchat-2.0.4-4.EL.s390.rpm s390x: a6f0191edb52adea9f3ae8dfd9de217c xchat-2.0.4-4.EL.s390x.rpm x86_64: 7398eacb0210d9b66f16c07b389dd173 xchat-2.0.4-4.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: 24dcd2f613f5d14c1f091cdfc1fdd6ca xchat-2.0.4-4.EL.src.rpm i386: 431bffb1410d138f3fc7ddf98668654a xchat-2.0.4-4.EL.i386.rpm x86_64: 7398eacb0210d9b66f16c07b389dd173 xchat-2.0.4-4.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: 24dcd2f613f5d14c1f091cdfc1fdd6ca xchat-2.0.4-4.EL.src.rpm i386: 431bffb1410d138f3fc7ddf98668654a xchat-2.0.4-4.EL.i386.rpm ia64: ad3c4335eacf54f0d1841e07d0168a49 xchat-2.0.4-4.EL.ia64.rpm x86_64: 7398eacb0210d9b66f16c07b389dd173 xchat-2.0.4-4.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: 24dcd2f613f5d14c1f091cdfc1fdd6ca xchat-2.0.4-4.EL.src.rpm i386: 431bffb1410d138f3fc7ddf98668654a xchat-2.0.4-4.EL.i386.rpm ia64: ad3c4335eacf54f0d1841e07d0168a49 xchat-2.0.4-4.EL.ia64.rpm x86_64: 7398eacb0210d9b66f16c07b389dd173 xchat-2.0.4-4.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from 7. References: CVE -CVE-2004-0409 8. Contact: The Red Hat security contact is . More contact details at Copyright 2004 Red Hat, Inc. . Canonical releases a security bulletin featuring an update for the pidgin package aimed at addressing a critical vulnerability related to an XML parsing buffer overflow flaw.. X-Chat Fix, Red Hat Advisory, SOCKSv5 Security, Buffer Overflow, System Update. . LinuxSecurity.com Team

Calendar%202 Oct 27, 2004 Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200