All articles

January 18, 2003 00:00 Lightweight Web Browsers

The computers you meet on today's desktops are equipped with very fast processors (usually over 1GHz) and a few hundred megs of RAM. Even very complicated and resource-consuming applications don't cause any problems for them. However, there are still old machines around which can't easily run such programs. They either don't launch them at all or run so slowly that sensible work can't be performed.

January 16, 2003 08:16 Debian: New bugzilla packages fix unauthorized data modif...

Two vulnerabilities have been discovered in Bugzilla, a web-based bug tracking system, by its authors. The provided data collection script intended to be run as a nightly cron job changes the permissions of the data/mining directory to be world-writable every time it runs. This would enable local users to alter or delete the collected data. Also, the default .htaccess scripts provided by checksetup.pl do not block access to backups of the localconfig file that might be created by editors such as vi or emacs (typically these will have a .swp or ~ suffix). This allows an end user to download one of the backup copies and potentially obtain your database password. Fixed packages are available from security.debian.org.

January 16, 2003 06:54 Red Hat: Updated vim packages fix modeline vulnerability

VIM (Vi IMproved) is a version of the vi editor. VIM allows a user to set the modeline differently for each edited text file by placing special comments in the files. Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that when it is opened arbitrary commands are executed. Fixed packages are available from updates.redhat.com.

January 16, 2003 06:07 Red Hat: Updated dhcp packages fix security vulnerabilities

The dhcp package provides the ISC Dynamic Host Configuration Protocol (DHCP) server and relay agent. DHCP is a protocol which allows devices to get their own network configuration information from a server. The Internet Software Consortium has detected several potential vulnerabilities during an audit of the ISC DHCP server. These vulnerabilities affect the minires library and may be exploitable as stack buffer overflows, which could lead to remote code execution. Fixed packages are available from updates.redhat.com.

January 15, 2003 11:59 Red Hat: Updated MySQL packages fix various security issues

MySQL is a multi-user, multi-threaded SQL database server. While auditing MySQL, Stefan Esser found security vulnerabilities that can be used to crash the server or allow MySQL users to gain privileges, details of which can be found in the body of this article. Fixed packages are available from updates.redhat.com.

January 15, 2003 07:49 Debian: New IMP packages fix SQL injection

Jouko Pynnonen discovered a problem with IMP, a web-based IMAP mail program. Using carefully crafted URLs, a remote attacker is able to inject SQL code into SQL queries without proper user authentication. Even though results of SQL queries aren't directly readable from the screen, an attacker might update his mail signature to contain wanted query results and then view it on the preferences page of IMP. Fixed packages are available from security.debian.org.

January 14, 2003 22:35 Red Hat: Updated PostgreSQL packages fix security issues ...

PostgreSQL is an advanced Object-Relational database management system. PostgreSQL versions 7.2.1 and 7.2.2 contain a serious issue with the VACUUM command when it is run by a non-superuser. It is possible for the system to prematurely remove old transaction log data (pg_clog files), which can result in unrecoverable data loss. A number of minor security issues affect the PostgreSQL 7.2.1 packages shipped with Red Hat Linux 7.3 only. Additionally, buffer overflows in circle_poly, path_encode and path_add allow attackers to cause a denial of service and possibly execute arbitrary code. Fixed packages are available from updates.redhat.com.

January 14, 2003 14:44 Debian: New libmcrypt packages fix buffer overflows and m...

Ilia Alshanetsky discovered several buffer overflows in libmcrypt, a decryption and encryption library, that originate from improper or lacking input validation. By passing input which is longer than expected to a number of functions (multiple functions are affected), the user can successfully make libmcrypt crash and may be able to insert arbitrary, malicious code which will be executed under the user libmcrypt runs as, e.g. inside a web server. Fixed packages are available from security.debian.org.

January 14, 2003 14:41 SuSE: Possible remote compromise in libpng

The library libpng provides several functions to encode, decode and manipulate Portable Network Graphics (PNG) image files. Due to incorrect calculation of some loop offset values, a buffer overflow can occur. The buffer overflow can lead to denial of service or even to remote compromise. Fixed packages can be obtained from ftp.suse.com.

January 13, 2003 10:29 Red Hat: Updated CUPS packages fix various vulnerabilities

The Common UNIX Printing System (CUPS) provides a portable printing layer. A number of vulnerabilities have been discovered in CUPS, details of which can be found in the body of this advisory. Fixed packages are available from updates.redhat.com.

January 13, 2003 07:46 Red Hat: Updated libpng packages fix buffer overflow

The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. Unpatched versions of libpng 1.2.1 and earlier do not correctly calculate offsets, which leads to a buffer overflow and the possibility of arbitrary code execution. This could be exploited by an attacker creating a carefully crafted PNG file which could execute arbitrary code when the victim views it. Fixed packages are available from updates.redhat.com.

January 13, 2003 07:37 Debian: New openldap packages fix buffer overflows and re...

The SuSE Security Team reviewed critical parts of openldap2, an implementation of the Lightweight Directory Access Protocol (LDAP) version 2 and 3, and found several buffer overflows and other bugs remote attackers could exploit to gain access on systems running vulnerable LDAP servers. In addition to these bugs, various locally exploitable bugs within the OpenLDAP2 libraries have been fixed. Fixed packages are available from security.debian.org.

January 10, 2003 07:03 Debian: New xpdf-i packages fix arbitrary command execution

iDEFENSE discovered an integer overflow in the pdftops filter from the xpdf and xpdf-i packages that can be exploited to gain the privileges of the target user. This can lead to gaining privileged access to the 'lp' user if the pdftops program is part of the print filter. Fixed packages are available from security.debian.org.

January 09, 2003 08:28 Red Hat: Updated Ethereal packages are available

Ethereal is a package designed for monitoring network traffic on your system. Several security issues have been found in the Ethereal packages distributed with Red Hat Linux versions 7.2, 7.3, and 8.0. Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the LMP, PPP, or TDS dissectors. Fixed packages are available from updates.redhat.com.

January 09, 2003 07:55 Debian: New tomcat packages fix source disclosure vulnera...

A security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x releases. It allows a specially crafted URL to return the unprocessed source of a JSP page or, under special circumstances, a static resource which would otherwise have been protected by a security constraint, without the need for being properly authenticated. Fixed packages are available from security.debian.org.

January 08, 2003 07:47 Debian: New canna packages fix buffer overflow and denial...

Several vulnerabilities have been discovered in canna, a Japanese input system. A heap overflow vulnerability exists in the irw_through function in canna server and canna does not properly validate requests, which allows remote attackers to cause a denial of service or information leak. Fixed packages are available from security.debian.org.

January 07, 2003 09:22 Debian: New geneweb packages fix information exposure

A security issue has been discovered by Daniel de Rauglaudre, upstream author of geneweb, a genealogical software with web interface. It runs as a daemon on port 2317 by default. Paths are not properly sanitized, so a carefully crafted URL can lead geneweb to read and display arbitrary files of the system it runs on. Fixed packages are available from security.debian.org.

January 07, 2003 07:36 Debian: New xpdf packages fix arbitrary command execution

iDEFENSE discovered an integer overflow in the pdftops filter from the xpdf package that can be exploited to gain the privileges of the target user. This can lead to gaining privileged access to the 'lp' user if the pdftops program is part of the print filter. Fixed packages are available from security.debian.org.

January 07, 2003 05:00 Red Hat: Updated cyrus-sasl packages fix buffer overflows

Cyrus SASL is an implementation of the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. Cyrus SASL versions 2 prior to 2.1.10 include a number of buffer overflow vulnerabilities. There is insufficient buffer length checking in user name canonicalization. This issue would be hard to exploit, but would allow a remote user to execute arbitrary code on the system. When performing authentication using LDAP, saslauthd does not allocate enough memory when it needs to escape special characters in the username and realm. This issue may be easy to remotely exploit. The log writer might not have allocated memory for the trailing \0 in a message. This issue is probably hard to exploit, although it is possible to affect the logging data with at least anonymous authentication. Updated packages can be obtained from updates.redhat.com.

January 03, 2003 16:47 Debian: New mhonarc packages fix cross site scripting

Earl Hood, author of mhonarc, a mail to HTML converter, discovered a cross site scripting vulnerability in this package. A specially crafted HTML mail message can introduce foreign scripting content in archives, bypassing MHonArc's HTML script filtering. Fixed packages are available from security.debian.org.

January 03, 2003 16:44 Red Hat: Updated pine packages available

Pine, developed at the University of Washington, is a tool for reading, sending, and managing electronic messages (including mail and news). A security problem was found in versions of Pine 4.44 and earlier. In these versions, Pine does not allocate enough memory for the parsing and escaping of the "From" header, allowing a carefully crafted email to cause a buffer overflow on the heap. This will result in Pine crashing. Fixed packages are available from updates.redhat.com.

January 02, 2003 08:31 SuSE: remote command execution in mysql

Stefan Esser from e-matters reported various bugs in MySQL. Within the MySQL server, the password checking and a signedness issue have been fixed. These could lead to a remote compromise of the system running an unpatched MySQL server. In order to exploit this bug, the remote attacker needs a valid MySQL account. Further, a buffer overflow in the mysqlclient library has been reported and fixed. Applications using this library (as commonly used from within PHP scripts) are vulnerable to this attack and could also be compromised by remote attackers. Fixed packages are available from ftp.suse.com.

January 02, 2003 08:28 Debian: New squirrelmail packages fix cross site scriptin...

A cross site scripting vulnerability has been discovered in squirrelmail, a feature-rich webmail package written in PHP4. Squirrelmail doesn't sanitize user provided variables in all places, leaving it vulnerable to a cross site scripting attack. Fixed packages are available from security.debian.org.

January 02, 2003 04:47 SuSE: local and remote privilege escalation in cups

CUPS is a well known and widely used printing system for unix-like systems. iDEFENSE reported several security issues with CUPS that can lead to local and remote root compromise. The full list of the vulnerabilities can be found in the body of this article. Fixed packages can be obtained from ftp.suse.com.

January 02, 2003 04:41 SuSE: remote compromise in fetchmail

fetchmail is used to download emails from POP-, IMAP-, ETRN- or ODMR-servers. Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise. When fetchmail expands email addresses in mail headers it does not allocate enough memory. An attacker can send a maliciously formatted mail header to exhaust the memory allocated by fetchmail to overwrite parts of the heap. This can be exploited to execute arbitrary code. Fixed packages are available from ftp.suse.com.

December 31, 2002 05:32 Debian: New dhcpcd packages fix remote command execution ...

Simon Kelly discovered a vulnerability in dhcpcd, an RFC2131 and RFC1541 compliant DHCP client daemon, that runs with root privileges on client machines. A malicious administrator of the regular or an untrusted DHCP server may execute any command with root privileges on the DHCP client machine by sending the command enclosed in shell metacharacters in one of the options provided by the DHCP server. Fixed packages are available from security.debian.org.

December 30, 2002 23:50 Debian: New bugzilla packages fix cross site scripting pr...

A cross site scripting vulnerability has been reported for Bugzilla, a web-based bug tracking system. Bugzilla does not properly sanitize any input submitted by users. As a result, it is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a legitimate user, in the context of the website running Bugzilla. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. Fixed packages are available from security.debian.org.

December 28, 2002 14:53 Debian: New typespeed packages fix buffer overflow

A problem has been discovered in typespeed, a game that lets you measure your typematic speed. By overflowing a buffer, a local attacker could execute arbitrary commands under the group id games. Fixed packages are available from security.debian.org.

December 28, 2002 00:00 Making Presentations with LaTeX and Prosper

A number of dedicated presentation programs have been written for Unix systems, but they may not serve your needs if you have special requirements, especially the need to display mathematical formulas. The Prosper package can help you create attractive presentations while letting you use the full power of LaTeX.

December 24, 2002 05:01 Debian: New fetchmail packages fix buffer overflow

Stefan Esser of e-matters discovered a buffer overflow in fetchmail, an SSL enabled POP3, APOP and IMAP mail gatherer/forwarder. When fetchmail retrieves a mail, all headers that contain addresses are searched for local addresses. If a hostname is missing, fetchmail appends it but doesn't reserve enough space for it. This heap overflow can be used by remote attackers to crash it or to execute arbitrary code with the privileges of the user running fetchmail. Fixed packages are available from security.debian.org.