There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Tag Cloud
access acer asus bios bsod computer crash driver drivers error ethernet excel freeze gaming google gpu hard drive hardware hdmi internet laptop malware memory missing monitor motherboard network operating system printer problem ram registry router slow software sound trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Operating Systems > Linux and Unix >
Linux Vulnerabilities: Sep 26

Reply  
Thread Tools
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 25,163 posts.
 
Join Date: Mar 2001
Location: Bradford, England
27-Sep-2001, 06:06 PM #1
Wink Linux Vulnerabilities: Sep 26
Hiya

wmaker/WindowMaker

The window manager Window Maker was found vulnerable to a buffer overflow
due to improper bounds checking when setting the window title.
An attacker can remotely exploit this buffer overflow by using malicious
web page titles or terminal escape sequences to set a excessively long
window title.
This attack can lead to remote command execution with the privileges of
the user running Window Maker

http://www.linuxsecurity.com/advisor...sory-1612.html

Mandrake Linux

Zen Parse discovered that an argument handling problem that exists in
the uucp package can allow a local attacker to gain access to the uucp
user or group

http://www.linuxsecurity.com/advisor...sory-1613.html

Updated man package fixing GID security problems

Updated man packages fixing a local GID man exploit and a
potential GID man to root exploit, as well as a problem with the
man paths of Red Hat Linux 5.x and 6.x

http://www.linuxsecurity.com/advisor...sory-1614.html

OpenSSH Security Advisory

Weakness in OpenSSH's source IP based access control
for SSH protocol v2 public key authentication

http://www.linuxsecurity.com/advisor...sory-1617.html

Squid multiple vulnerabilities

Vladimir Ivaschenko found a bug[1] which allows a remote attacker
to cause a DoS on the squid proxy service by sending mkdir ftp
requests.

Takashi Taniguchi found a bug[2] that allows malicious users to
do portscanning and other suspect activities using the proxy when
it's configured in "http accelerator mode

http://www.linuxsecurity.com/advisor...sory-1615.html

Red Hat

The initscript distributed with the setserial package (which is not
installed or enabled by default) uses predictable temporary file names, and
should not be used. setserial-2.17-4 and earlier versions are affected

http://www.linuxsecurity.com/advisor...sory-1616.html

Regards

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

Proud Member of ASAP, Alliance of Security Analysis Professionals
Reply

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 10:06 AM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

Powered by Cermak Technologies, Inc.