Från Bugtraq december år 2002

• GLSA: dietlibc (200303-29)
• [RHSA-2003:120-01] Updated sendmail packages fix vulnerability
• SRT2003-03-31-1219 - SAP world writable server binaries
• GLSA: sendmail (200303-27)
• [RHSA-2003:034-01] Updated dhcp packages fix possible packet storm
• GLSA: krb5 & mit-krb5 (200303-28)
• GLSA: openafs (200303-26)
• [RHSA-2003:084-01] Updated vsftpd packages re-enable tcp_wrappers support
• [RHSA-2003:095-03] New samba packages fix security vulnerabilities
• Immunix Secured OS 7+ openssl update
• [RHSA-2003:101-01] Updated OpenSSL packages fix vulnerabilities
• Immunix Secured OS 7+ samba update
• Viewpoint Server
• OpenSSH 3.6 released (fwd)
• [SECURITY] [DSA 275-1] New lpr-ppd packages fix local root exploit
• XSS in Python Documentation Server
• [RHSA-2003:091-01] Updated kerberos packages fix various vulnerabilities
• MDKSA-2003:040 - Updated Eterm packages fix escape sequence insecurities
• [SECURITY] [DSA 276-1] New Linux kernel packages (s390) fix local root exploit
• [SECURITY] [DSA 277-1] New apcupsd packages fix remote root exploit
• Security Update: [CSSA-2003-016.0] OpenLinux: sendmail sign extension buffer overflow (CERT CA-2003-12)
• [RHSA-2003:128-01] Updated Eye of GNOME packages fix vulnerability
• [RHSA-2003:060-01] Updated NetPBM packages fix multiple vulnerabilities
• [RHSA-2003:109-03] Updated balsa and mutt packages fix vulnerabilities
• [SECURITY] [DSA 278-1] New sendmail packages fix denial of service
• [SECURITY] [DSA 278-2] New sendmail packages fix DoS and arbitrary code execution
• Syscall implementation could lead to whether or not a file exists
• [CLA-2003:613] Conectiva Security Announcement - snort
• [CLA-2003:614] Conectiva Security Announcement - sendmail
• SuSE Security Announcement: openssl (SuSE-SA:2003:024)
• [CLA-2003:616] Conectiva Security Announcement - dhcp
• [CLA-2003:617] Conectiva Security Announcement - file
• [CLA-2003:615] Conectiva Security Announcement - samba
• @(#)Mordred Labs advisory - Integer overflow in PHP array_pad() function
• Abyss X1 1.1.2 remote crash
• [DDI-1013] Buffer Overflow in Samba allows remote root compromise
• [CLA-2003:618] Conectiva Security Announcement - kernel
• [SECURITY] [DSA 279-1] New metrics packages fix insecure temporary file creation
• Java Agent freezes Lotus Notes and Domino 6.0.1
• Immunix Secured OS 7+ cvs update
• Immunix Secured OS 7+ samba update
• [SECURITY] [DSA 280-1] New samba packages fix remote root exploit
• [CLA-2003:619] Conectiva Security Announcement - zlib
• SuSE Security Announcement: samba (SuSE-SA:2003:025)
• MDKSA-2003:044 - Updated samba packages fix remote root vulnerability
• Immunix Secured OS 7+ Kerberos update
• [RHSA-2003:137-01] New samba packages fix security vulnerability
• TSLSA-2003-0019 - samba
• [Sorcerer-spells] SAMBA--SORCERER2003-04-08
• Bilaga (DSR-mirc-filenames.txt) till: mIRC "dcc filename spoofing"
• [CLA-2003:620] Conectiva Security Announcement - man
• [SECURITY] [DSA 281-1] New xftp packages fix arbitrary code execution
• [RHSA-2003:036-01] Updated mgetty packages available
• iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x
• Binary file samba-2.x-2003-04.txt matches
• GLSA: setiathome (200304-03)
• [ARL03-A16] Multiple Security Issues in phPay
• GLSA: apache (200304-01)
• [CLA-2003:624] Conectiva Security Announcement - samba
• [SECURITY] [DSA 269-2] New heimdal packages fix authentication failure
• AMaViS-ng 0.1.6.x and postfix: possible open relay and mail loss
• [RHSA-2003:137-02] New samba packages fix security vulnerability
• GLSA: samba (200304-02)
• working apache <= 2.0.44 DoS exploit for linux.
• KDE Security Advisory: PS/PDF file handling vulnerability
• MDKSA-2003:038-1 - Updated 2.4 kernel packages fix ptrace vulnerability
• [ANNOUNCE] Apache 2.0.45 Released
• GLSA: kde-3.x (200304-04)
• [CLA-2003:625] Conectiva Security Announcement - openssl
• GLSA: kde-2.x (200304-05)
• [RHSA-2003:089-00] Updated glibc packages fix vulnerabilities in RPC XDR decoder
• Immunix Secured OS 7+ PostgreSQL update
• [SECURITY] [DSA 283-1] New xfsdump packages fix insecure file creation
• R7-0013: Heap Corruption in Gaim-Encryption Plugin
• PATCH: [CAN-2003-0132] Apache 2.0.44 Denial of Service Vulnerability
• repost: SRT2003-04-01-1231 - Progress DLC overflows
• Immunix Secured OS 7+ MySQL update
• [Sorcerer-spells] KDE-SORCERER2003-04-12
• [SECURITY] [DSA 284-1] New kdegraphics packages fix arbitrary command execution
• [SECURITY] [DSA 274-2] New mutt packages fix arbitrary code execution in potato
• [SECURITY] [DSA 286-1] New gs-common packages fix insecure temporary file creation
• [SECURITY] [DSA 285-1] New lprng packages fix insecure temporary file creation
• GLSA: kde-2.x (200304-05.1)
• [RHSA-2003:126-01] Updated gtkhtml packages fix vulnerability
• [CLA-2003:626] Conectiva Security Announcement - mutt
• GLSA: kdegraphics-3.1.x (200304-04.1)
• MDKSA-2003:046 - Updated gtkhtml packages fix vulnerability
• [SECURITY] [DSA 287-1] New EPIC packages fix DoS and arbitrary code execution
• SRT2003-04-15-1029 - Progres BINPATHX overflow
• bitchx sources backdoored on distribution site
• MDKSA-2003:045 - Updated evolution packages fix multiple vulnerabilities
• [SECURITY] [DSA 267-2] New lpr packages fix local root exploit (potato)
• CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability
• Immunix Secured OS 7+ glibc update
• MDKSA-2003:047 - Updated xfsdump packages fix insecure file creation
• MDKSA-2003:048 - Updated eog packages fix arbitrary command execution
• [CLA-2003:627] Conectiva Security Announcement - ethereal
• [SECURITY] [DSA 290-1] New sendmail-wide packages fix DoS and arbitrary code execution
• Vulnerability in rinetd
• [SECURITY] [DSA 289-1] New rinetd packages fix denial of service
• [SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
• MDKSA-2003:049 - Updated kde3 packages fix arbitrary command execution
• Fwd: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors
• [CLA-2003:628] Conectiva Security Announcement - vixie-cron
• Xinetd 2.3.10 Memory Leaks
• Exploit for PoPToP PPTP server
• Remote Vulnerabilties in mod_ntlm
• GLSA: snort (200304-05)
• [NGSEC-2003-5] YABB SE, remote command execution
• [CLA-2003:629] Conectiva Security Announcement - tcpdump
• [SECURITY] [DSA 292-1] New mime-support packages fix temporary file race conditions
• [SECURITY] [DSA 291-1] New ircII packages fix DoS and arbitrary code execution
• SRT2003-04-22-1336 - SAP DB Development Tools install flaw
• [CLA-2003:630] Conectiva Security Announcement - balsa
• [RHSA-2003:032-01] Updated tcpdump packages fix various vulnerabilities
• Snort <=1.9.1 exploit
• [SECURITY] [DSA 292-2] New mime-support packages fix temporary file race conditions
• [SECURITY] [DSA 294-1] New gkrellm-newsticker packages fix DoS and arbitrary command execution
• [SECURITY] [DSA 293-1] New kdelibs packages fix arbitrary command execution
• Security problems in gkrellm-newsticker
• [RHSA-2003:076-01] Updated ethereal packages fix security vulnerabilities
• SuSE Security Announcement: KDE (SuSE-SA:2003:026)
• An Implementation of a Birthday Attack in a DNS Spoofing
• SRT2003-04-24-1532 - Options Parsing Tool library buffer overflows.
• [RHSA-2003:142-01] Updated LPRng packages fix psbanner vulnerability
• [RHSA-2003:112-01] Updated squirrelmail packages fix cross-site scripting vulnerabilities
• RE: Cracking preshared keys
• [RHSA-2003:118-01] Updated mICQ packages fix vulnerability
• MDKSA-2003:051 - Updated ethereal packages fix remote vulnerability
• [BUGZILLA] Security Advisory - XSS, insecure temporary filenames
• Multiple SQL injection on OpenBB forums
• PoPToP PPTP server remotely exploitable buffer overflow
• DNS vulnerabilities in shared host environments
• GLSA: mgetty (200304-09)
• GLSA: snort (200304-06)
• GLSA: monkeyd (200304-07.1)
• ATM on Linux Exploit Code Release (les, local)
• Qpopper v4.0.x poppassd local root exploit
• GLSA: pptpd (200304-08)
• Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003)
• [RHSA-2003:079-01] Updated zlib packages fix gzprintf buffer overflow vulnerability
• MDKSA-2003:052 - Updated snort packages fix remote vulnerability
• [RHSA-2003:093-01] Updated MySQL packages fix vulnerabilities
• GLSA: balsa (200304-10)
• [SECURITY] [DSA 292-3] New mime-support packages really fix temporary file race conditions
• [ESA-20030430-013] 'snort' stream4 preprocessor integer overflow vulnerability
• [CLA-2003:632] Conectiva Security Announcement - apache
• [CLA-2003:633] Conectiva Security Announcement - glibc
• OpenSSH/PAM timing attack allows remote users identification

Upp en nivå