Exploring Buffer Overflows and Security Vulnerabilities in FTP Daemons

In this column, we look at buffer overflows in many FTP daemons, Oracle Application Server, Solaris ipcs, Solaris Xsun, and a whole list of programs in SCO OpenServers; temporary file race conditions in pine and pico; format string bugs in HylaFAX . . . In this column, we look at buffer overflows in many FTP daemons, Oracle Application Server, Solaris ipcs, Solaris Xsun, and a whole list of programs in SCO OpenServers; temporary file race conditions in pine and pico; format string bugs in HylaFAX and cfingerd; a bug that allows Netscape to execute JavaScript placed in a GIF comment; and problems in Midnight Commander, mkpasswd, Alcatel ADSL-Ethernet Bridges, and Interscan VirusWall.

Be sure to check out the Linux Security Vulnerability Newsletter as well.