Showing all newswire headlines

Sebastian Krahmer from the SuSE Security Team discovered [1] a flaw in Concurrent Versions System (CVS) [0] clients where RCS "diff files" can create files with absolute pathnames. An attacker could create a fake malicious CVS server that would cause arbitrary files to be created or overwritten when a victim connects to it. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2004-0180 [2] to the problem.

There have been 12 security alerts posted already today, and each time I think I've posted the last one, another appears. This raises a question that I've had for a while, and now seems a good time to ask... Should we make a filtering program for the LXer homepage?

Sebastian Krahmer from the SUSE security team discovered a remotely exploitable vulnerability in the CVS client. When doing a cvs checkout or update over a network, the client accepts absolute pathnames in the RCS diff files. A maliciously configured server could then create any file with content on the local user's disk. This problem affects all versions of CVS prior to 1.11.15 which has fixed the problem.

A recent commentary by Robin Miller regarding squabbling within the free software and open source communities was a useful wake-up call. This bickering is having a detrimental effect on our ability to confront those who are trying to convince policy and opinion makers against the use of free and open source software (FOSS). These challenges are neither severe nor insurmountable, but they do require the parties understand the differences between internal and external debate.

Two vulnerabilities have been discovered in mysql, a common database system. Two scripts contained in the package don't create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking the MySQL server, which is often the root user.

The Sourceforge project administrator has claimed that Via's "Padlock" software violates the GNU general public licence (GPL). Via Padlock, said Eric Harmon, breaks the conditions of the GPL in three ways.

A recent study comparing Windows and Linux vulnerabilities showed that Microsoft is quicker at responding to problems in its software, while many of the leading Linux distributions lag in reaction time. The study conducted by Forrester Research..

Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the PowerPC/apus and S/390 architectures.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code. An attacker could create a malicious filesystem in such a way that they could gain root privileges if that filesystem is mounted. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0109 to this issue.

Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the IA-64 architecture.

iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggered locally by mounting removable media that contains a malformed filesystem or by using the loopback device. Exploiting this buffer overflow results in kernel-level access to the system.

During the analyzation of the CVS protocol and their implementation, the SuSE Security Team discovered a flaw within the handling of pathnames. Evil CVS servers could specify absolute pathnames during checkouts and updates, which allows to create arbitrary files with the permissions of the user invoking the CVS client. This could lead to a compromise of the system.

I wanted to write something about the great progress being carried on linux as OS of choice for a professional Digital Audio Workstation (DAW) since a long time. With the inclusion of the Advanced Linux Sound Architecture (ALSA) into the 2.6 kernels, time has come to extend my experiences to all of you.

Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 and 2.4.18 for the hppa (PA-RISC) architecture.

iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggered locally by mounting removable media that contains a malformed filesystem or by using the loopback device. Exploiting this buffer overflow results in kernel-level access to the system.

Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.18 for the alpha, i386 and powerpc architectures.

Mandrakesoft today announce the availability of Mandrakelinux 10.0 Official, a full-featured operating system that includes a full suite of desktop and server applications. Mandrakelinux 10.0 Official is available for download to Mandrakeclub Members, and as part of Mandrakesoft's complete range of retail packs, now available for pre-order on http://www.mandrakestore.com and soon in retail stores (Suggested Retail Price for all products are shown below).

Updated cvs packages that fix a client vulnerability that could be exploited by a malicious server are now available.

An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available.

This intermediate tutorial covers different mechanisms for capturing and manipulating packets. Security applications -- such as VPNs, firewalls, and sniffers, and network apps such as routers -- rely on methods like those described here to do their work. Once you have the hang of them, you will rely on them too. You won't want to miss this tutorial all about packet interception, covering kernels from 2.2.x to the present and techniques from divert socket and netfilter to interrupt handling and messing with the kernel source code itself.