|
Find the information you need for your favorite open source distribution
 To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
Posted by LinuxSecurity.com Team
|
|
The version of dump that was distributed with Debian GNU/Linux 2.1
suffers from a problem with restoring symbolic links.
|
|
|
Posted by LinuxSecurity.com Team
|
|
The version bind that was distributed in Debian GNU/Linux 2.1 has
a vulnerability in the processing of NXT records that can be used
by an attacked in a Debian of Service attack or theoretically be
exploited to gain access to the server.
|
|
|
Posted by LinuxSecurity.com Team
|
|
The version of nfs-server that was distributed in Debian GNU/Linux 2.1 had a
buffer overflow in fh_buildpath(). It assumed that the total length of a path
would never exceed (PATH_MAX_NAME_MAX). With a read/write exported directory
people could created longes path and cause a bufferoverflow.
|
|
|
Posted by LinuxSecurity.com Team
|
|
The proftpd version that was distributed in Debian GNU/Linux 2.1
had several buffer overruns that could be exploited by remote
attackers. A short list of problems:
* user input was used in snprintf() without sufficient checks
* there was an overflow in the log_xfer() routine
* you could overflow a buffer by using very long pathnames
|
|
|
Posted by LinuxSecurity.com Team
|
|
The version of lpr that was distributed with Debian GNU/Linux 2.1
suffers from a couple of problems:
* there was a race in lpr that could be exploited by users to print files they
can not normally read
* lpd did not check permissions of queue-files. As a result by using the -s
flag it could be tricked into printing files a user can otherwise not read
|
|
|
Posted by LinuxSecurity.com Team
|
|
The nis package that was distributed with Debian GNU/Linux 2.1 has a
couple of problems:
* ypserv allowed any machine in the NIS domain to insert new tables
* rpc.yppasswd had a bufferoverflow in its MD5 code
* rpc.yppasswd allowed users to change the GECOS and loginshell entries
of other users
|
|
|
Posted by LinuxSecurity.com Team
|
|
The version of amd that was distributed with Debian GNU/Linux 2.1 is
vulnerable to a remote exploit. This was fixed in version 23.0slink1.
However that fix contained an error which has been fixed in version
upl102-23.slink2.
|
|
|
<< Start < Prev 265 266 267 Next > End >>
|
| Results 1856 - 1862 of 1888 |
