Hiya
apache-contrib
The Apache module mod_auth_mysql 1.4, which is shipped since SuSE Linux 7.1,
was found vulnerable to possible bypass authentication by MySQL command
injection.
An adversary could insert MySQL commands along with a password and these
commands will be interpreted by MySQL while mod_auth_mysql is doing the
password lookup in the database. A positive authentication could be returned
http://www.linuxsecurity.com/advisor...sory-1605.html
Linux - uucp argument handling problems
There is an argument handling problem which allows a local attacker to
gain access to the uucp group. Using this access the attacker could
use badly written scripts to gain access to the root account.
http://www.linuxsecurity.com/advisor...sory-1606.html
Vulnerabilities in PAM and NSS modules using a PostgreSQL database
While investigating the problem described in RUS-CERT Advisory
2001-08:01, it became evident that a few PAM and NSS modules which use
PostgreSQL as database backend are vulnerable to SQL code injection
attacks, too.
http://www.linuxsecurity.com/advisor...sory-1607.html
Local vulnerability in the uucp package
UUCP is a Unix to Unix transfer mechanism. It is used primarily
for remote sites to download and upload email and news files to local
machines.
zen-parse found[1] a vulnerability in the command-line argument
handling of uucp which can be exploited by a local user to obtain
uid/gid uucp.
http://www.linuxsecurity.com/advisor...sory-1608.html
xli/xloadimage
A buffer overflow exists in xli due to missing boundary checks. This
could be triggered by an external attacker to execute commands on the
victim's machine. An exploit is publicly available. xli is an image
viewer that is used by Netscape's plugger to display TIFF, PNG, and
Sun-Raster images.
http://www.linuxsecurity.com/advisor...sory-1609.html
apache
A problem exists with all Apache servers prior to version 1.3.19. The
vulnerability could allow directory indexing and path discovery on the
vulnerable servers with a custom crafted request consisting of a long
path name created artificially by using numerous slashes. This can
cause modules to misbehave and return a listing of the directory
contents by avoiding the error page.
http://www.linuxsecurity.com/advisor...sory-1611.html
most
Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds of two array variables when viewing a malicious
file. This could lead to other data structures being overwritten,
which in turn could enable most to execute arbitrary code, being able
to compromise the user's environment.
http://www.linuxsecurity.com/advisor...sory-1610.html
Regards
eddie