From Bugtraq, October 2002
Some posts from Bugtraq. Newest posts last:
GLSA: tar
ASA-0000: GV Execution of Arbitrary Shell Commands
Insecure XML-RPC handling in Zope reveals the distribution physical location.
GLSA: fetchmail
[CLA-2002:527] Conectiva Linux Security Announcement - python
GLSA: unzip
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities
[BUGZILLA] Security Advisory
Apache 2 Cross-Site Scripting
[ESA-20021003-022] tar: directory traversal vulnerability.
[CLA-2002:529] Conectiva Linux Security Announcement - XFree86
GLSA: python
[ESA-20021003-023] fetchmail-ssl: buffer overflows and broken boundary checks.
[ANNOUNCE] mod_ssl 2.8.11-1.3.27
[SECURITY] [DSA 169-1] New tomcat packages fix unintended source code disclosure
[RHSA-2002:212-06] Updated packages fix PostScript and PDF security issue
injecting commands on a ptraced telnet/ssh session
[RHSA-2002:197-06] Updated glibc packages fix vulnerabilities in resolver
[RHSA-2002:175-16] Updated nss_ldap packages fix buffer overflow
[CLA-2002:530] Conectiva Linux Security Announcement - apache
SuSE Security Announcement: hylafax (SuSE-SA:2002:035)
SuSE Security Announcement: mod_php4 (SuSE-SA:2002:036)
GLSA: gv
[SECURITY] [DSA 172-1] New tkmail packages fix insecure temporary file creation
[SECURITY] [DSA 169-1] New ht://Check packages fix cross site scripting problem
[ESA-20021007-024] apache: potential DoS, cross-site scripting, and buffer overflow vulnerabilities.
[SECURITY] [DSA 171-1] New fetchmail packages fix buffer overflows
[RHSA-2002:215-09] Updated fetchmail packages fix vulnerabilities
[SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation
CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution (fwd)
MDKSA-2002:064 - kdelibs update
syslog-ng buffer overflow
[RHSA-2002:207-14] Updated packages fix PostScript and PDF security issue
[RHSA-2002:204-10] Updated squirrelmail packages close cross-site scripting vulnerabilities
OpenOffice 1.0.1 Race condition during installation.
KDE Security Advisory: kpf Directory traversal
GLSA: heimdal
GLSA: net-snmp
[SECURITY] [DSA 174-1] New heartbeat packages fix buffer overflows
GLSA: sendmail
Pyramid Research Project - ghttpd security advisorie
[RHSA-2002:194-18] Command execution vulnerability in dvips
SuSE Security Announcement: Heartbeat (SuSE-SA:2002:037)
GLSA: apache
GLSA: tomcat
MDKSA-2002:065 - unzip update
[RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability
[SECURITY] [DSA 175-1] New syslog-ng packages fix buffer overflow
MDKSA-2002:066 - tar update
Linux Security Protection System
[SECURITY] [DSA 176-1] New gv packages fix buffer overflow
[CLA-2002:533] Conectiva Linux Security Announcement - XFree86
[CLA-2002:531] Conectiva Linux Security Announcement - fetchmail
Apache 1.3.26
[CLA-2002:532] Conectiva Linux Security Announcement - sendmail
Openwall GNU/*/Linux (Owl) 1.0 release
GLSA: ggv
[RHSA-2002:206-12] New kernel fixes local security issues
[RHSA-2002:205-15] New kernel fixes local security issues
TSLSA-2002-0068-kernel
[RHSA-2002:210-06] New kernel 2.2 packages fix local vulnerabilities
TSLSA-2002-0069-apache
[SECURITY] [DSA 177-1] New PAM packages fix serious security violation in Debian/unstable
[SECURITY] [DSA 179-1] New gnome-gv packages fix buffer overflow
GLSA: tetex
SCAN Associates Advisory: madhater perlbot 1.0 beta - Remote Command Execution
[RHSA-2002:192-13] Updated Mozilla packages fix security vulnerabilities
SCAN Associates Advisory: Molly 0.5 - Remote Command Execution
GLSA: groff
[SECURITY] [DSA 180-1] New NIS packages fix information leak
SuSE Security Announcement: postgresql (SuSE-SA:2002:038)
LinuxSecurity Brasil Magazine Online - Second Edition
[SECURITY] [DSA 181-1] New mod_ssl packages fix cross site scripting
Ambiguities in TCP/IP - firewall bypassing
Virgil CGI Scanner Vulnerability
[ESA-20021022-026] local kernel vulnerabilities
MDKSA-2002:069 - gv update
MDKSA-2002:070 - tetex update
Security Update: [CSSA-2002-036.0] Linux: remote buffer overflow in webalizer reverse lookup code
GLSA: xfree
[RHSA-2002:223-07] Updated ypserv packages fixes memory leak
Security Update: [CSSA-2002-037.0] Linux: various packet handling vunerabilities in ethereal
MDKSA-2002:071 - kdegraphics update
GLSA: zope
Security Update: [CSSA-2002-038.0] Linux: inn format string and insecure open vulnerabilities
GLSA: mod_ssl
GLSA: ypserv
[SECURITY] [DSA 182-1] New kghostview packages fix buffer overflow
Security Update: [CSSA-2002-040.0] Linux: uudecode performs inadequate checks on user-specified output files
[ESA-20021029-027] mod_ssl cross-site scripting vulnerability.
[ESA-20021029-028] syslog-ng: buffer overflow in macro handling code (UPDATED)
Security Update: [CSSA-2002-041.0] Linux: pam_ldap format string vulnerability
Security Update: [CSSA-2002-039.0] Linux: bzip2 file creation and symbolic link vulnerabilities
IP SmartSpoofing : How to bypass all IP filters relying on source IP address
MDKSA-2002:073 - krb5 update
GLSA: sharutils
[SECURITY] [DSA 184-1] New krb4 packages fix buffer overflow
GLSA: pam_ldap
SuSE Security Announcement: syslog-ng (SuSE-SA:2002:039)
[SECURITY] [DSA 185-1] New heimdal packages fix buffer overflows
Security Update: [CSSA-2002-043.0] Linux: chfn (util-linux) temp file race vulnerability
MDKSA-2002:074 - mozilla update