Från Bugtraq sommaren och hösten 1999

Se alltid till att uppdatera din Linux med senaste uppdateringarna från din Linuxdistribution.

För loggbok över allt som installeras och ändras på alla datorer (framförallt servermaskiner).

Några texter från Bugtraq:

• snplog-1.0 buffer overflow (snplog contains tcplogd, icmplogd, udplogd)
• [RHSA-1999:017-01] Potential security problem in Red Hat 6.
• [RHSA-1999:016-01] Potential security problem in Red Hat 5.
• [RHSA-1999:014-01] New dev, rxvt
• [RHSA-1999:013-01] New XFree86 packages for Red Hat Linux 6.
• KSR[T] #011: Accelerated-X
• VMware Security Alert
• joe 2.8 makes world-readable DEADJOE
• [RHSA-1999:022-01] New Samba packages available
• [RHSA-1999:022-02] New Samba pacakges available
• [RHSA-1999:023-01] Potential security problem in gnumeric 0.23
• [RHEA-1999:021-01] Enlightenment sets window properties incorrectly
• [linux-security] [RHSA-1999:022-03] New Samba pacakges available
• [RHSA-1999:025-01] Potential misuse of squid cachemgr.cgi
• Linux 2.2.10 ipchains Advisory
• midnight commander vulnerability(?) (fwd)
• [RHSA-1999:028-01] Buffer overflow in libtermcap tgetent()
• [RHSA-1999:029-01] Denial of service attack in in.telnetd
• [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock
• [RHSA-1999:030-01] Buffer overflow in cron daemon
• [RHSA-1999:030-02] Buffer overflow in cron daemon
• WU FTPD Security Update
• INN inews vulnerability
• SECURITY: RHSA-1999:032 Buffer overflows in amd
• [SECURITY] RHSA-1999:034 New proftpd packages available
• RH 6.0 shadow passwords and locking users bug.
• SECURITY: RHSA-1999:033 Buffer overflow problem in the inew
• amd remote root exploit code
• SDI AMD remote exploit for RH linux
• MW, millennium worm
• [linux-security] buffer overflow in proftpd-1.2.0pre4
• gftp
• unix-virus mailing list
• SECURITY: RHSA-1999:040 New PAM packages available
• Debian amd
• Roxen Webserver
• WU-ftpd
• [RHSA-1999:041-01] File access problems in lpr/lpd
• Debian: New version of mirror fixes remote exploit
• RH6.0 local/remote command execution
• WWW cgi-scan
• [RHSA-1999:042-01] screen defaults to not using Unix98 ptys
• execve bug in kernel linux-2.2.12
• Secure syslog
• ypserv
• [RHSA-1999:043-01] Security problems in WU-FTPD
• Midnight Commander bug
• Truth about ssh 1.2.27 vulnerabiltiy
• Linux cdda2cdr local exploit
• Problems with redhat 6 Xsession and pam.d/rlogin.
• mirror-2.8.f4
• [RHSA-1999:046-01] security problems with ypserv
• [debian] New versions of lpr released
• [debian] New version of nis released
• Sendmail 8.x.x - any user may rebuild aliases database
• [RHSA-1999:052-1] new initscripts available (/tmp problems)
• [RHSA-1999:053-01] new NFS server pacakges available (5.2, 4.2)
• CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND
• [RHSA-1999:054-01] Security problems in bind
• [Debian] New version of nfs-server fixes remote exploit
• [Debian] New version of proftpd fixes remote exploits
• Buffer overflow exploit in the alpha linux
• SuSE Security Announcement - thttpd
• [Debian] New version of bind released
• SuSE Security Announcement - syslogd (a1)
• [RHSA-1999:055-01] Denial of service attack in syslogd
• DoS with sysklogd, glibc (Caldera)
• Caldera Pine Advisory
• ANN: Bruce v1.0 Early Access 1 - Available for download
• SuSE Security Announcement - new security tools
• wu-ftpd bug
• [david@slackware.com: New Patches for Slackware 4.0 Available]
• [david@slackware.com: New Patches for Slackware 7.0 Available]
• Slackware 7.0 - login bug
• Pandora for Linux Updated
• [Debian] New version of htdig released
• [Debian] New version of sendmail released
• SSH 1.2.27 & RSAREF2 exploit
• SSH 1.2.27 Buggfix
• CERT Advisory CA-99.15 - Buffer Overflows in SSH Daemon an
• More on Red Hat 6.1 sysklogd
• the dangers of ftp conversions on misconfigured systems/ftpd (specifically wu-ftpd)
• (Possible) Linuxconf Remote Buffer Overflow Vulnerability
• Various Errors in Slackware
• More Netscape Passwords Available
• More details on the WU-FTPD configuration vulnerability
• remote buffer overflow in miniSQL
• BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)
• L0pht Advisory: initscripts-4.48-1 RedHat Linux 6.1
• CERT Advisory CA-99-17 Denial-of-Service Tools
• RHBA-1999:063-01: Y2K compliant sharutils available
• Analysis of stacheldraht
• majordomo local exploit
• Announcement: Solaris loadable kernel module backdoor (även intressant för Linux).
• [RHBA-1999:061-01] new libtiff, groff packages available
• Local / Remote GET Buffer Overflow Vulnerability in Analog

Upp en nivå

Copyright © 2010-2024 Kjell Enblom.
This document is covered by the GNU Free Documentation License, Version 1.3

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".