Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7384 7385 7386 7387 7388 7389 7390 7391 7392 7393 7394 ... 7438 ) Next »
Debian alert: New dhcp3 packages fix potential network flood
Florian Lohoff discovered a bug in the dhcrelay causing it to send a
continuing packet storm towards the configured DHCP server(s) in case
of a malicious BOOTP packet, such as sent from buggy Cisco switches.
Mandrake alert: Updated fetchmail packages fix remote exploit vulnerability
A vulnerability was discovered in all versions of fetchmail prior to 6.2.0 that allows a remote attacker to crash fetchmail and potentially execute arbitrary code by sending carefully crafted email wihch is then parsed by fetchmail. The vulnerability has been fixed in these patched packages of fetchmail.
Debian alert: New noffle packages fix buffer overflows
Dan Jacobson noticed a problem in noffle, an offline news server, that
leads to a segmentation fault. It is not yet clear whether this
problem is exploitable. However, if it is, a remote attacker could
trigger arbitrary code execution under the user that calls noffle,
probably news.
Debian alert: New kdemultimedia packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdebase packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdeutils packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdegames packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdesdk packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdepim packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdenetwork packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
SuSE alert: cvs
CVS (Concurrent Versions System) is a version control system which helps to manage concurrent editing of files by various authors. Stefan Esser of e-matters reported a "double free" bug in CVS server code for handling directory requests. This free() call allows an attacker with CVS read access to compromise a CVS server. Additionally two features ('Update-prog' and 'Checkin-prog') were disabled to stop clients with write access to execute arbitrary code on the server. These features may be configurable at run-time in future releases of CVS server.
Debian alert: New kdelibs packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdegraphics packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Debian alert: New kdeadmin packages fix several vulnerabilities
The KDE team discovered several vulnerabilities in the K Desktop
Environment. In some instances KDE fails to properly quote parameters
of instructions passed to a command shell for execution. These
parameters may incorporate data such as URLs, filenames and e-mail
addresses, and this data may be provided remotely to a victim in an
e-mail, a webpage or files on a network filesystem or other untrusted
source.
Mandrake alert: Updated printer-drivers packages fix local vulnerabilities
Karol Wiesek and iDefense disovered three vulnerabilities in the printer-drivers package and tools it installs. These vulnerabilities allow a local attacker to empty or create any file on the filesystem.
Slackware alert: New CVS packages available
New cvs packages are available to fix a security vulnerability.
Red Hat alert: Updated python packages fix predictable temporary file
An insecure use of a temporary file has been found in Python. This erratum
provides updated Python packages.
Mandrake alert: Updated printer-drivers packages fix local vulnerabilities
Karol Wiesek and iDefense disovered three vulnerabilities in the printer-drivers package and tools it installs. These vulnerabilities allow a local attacker to empty or create any file on the filesystem.
Disabled to Get Greater Access to Linux
Linux is chasing Microsoft's Windows into every market where the two operating systems can compete. A case in point: Today, an Oakland organization will announce it is developing standards to make Linux accessible to people with disabilities. The Free Standards Group has created a task force to establish the standards.
Software Vulnerabilities and the Future of Liability Reform
If you were to make up your own list of the top 10 issues likely to affect computing over the next five to 10 years, would you include liability reform in the American legal system? I think you should, even if you live, as I do, in Canada or some other country where American law doesn't apply directly. But change is coming, and that change will affect anyone who works with hardware or software made or sold by American companies.
« Previous ( 1 ... 7384 7385 7386 7387 7388 7389 7390 7391 7392 7393 7394 ... 7438 ) Next »