
Files

rhsa.2000-088-04.apache
Posted Oct 24, 2000
Site redhat.com

Red Hat Security Advisory - A vulnerability in the mod_rewrite module and vulnerabilities in the virtual hosting facility in versions of Apache prior to 1.3.14 may allow attackers to view files on the server which are meant to be inaccessible. Format string vulnerabilities have been found in PHP versions 3 and 4.

tags | php, vulnerability
systems | linux, redhat
SHA-256 | 6288e107de691c83bc02de5b7e3bf8d172637322deaeff1feb317db4036c5989
rhsa.2000-084-04.gnupg
Posted Oct 21, 2000
Site redhat.com

Red Hat Security Advisory - A problem has been found in GnuPG versions (up to and including 1.0.3). Due to this problem, GnuPG may report files which have been signed with multiple keys (one or more of which may be incorrect) to be valid even if one of the signatures is invalid.

systems | linux, redhat
SHA-256 | 1ab144da652cc58ee50c74503e5ec6b62d5b5b1ed4bfec784c0eee283a2b6ac6
rhsa.2000-072-05.txt
Posted Oct 19, 2000
Site redhat.com

Red Hat Security Advisory - A local security hole has been found in GnoRPM due to insecure temp file handling.

tags | local
systems | linux, redhat
SHA-256 | d484269415fd23af6271b90b6a96a8bf90b91f1e7aaa58b0b16ce78876b0e252
rhsa.2000-087-02.ping
Posted Oct 19, 2000
Site redhat.com

Red Hat Security Advisory - Potential security problems in ping have been fixed. An 8 byte buffer overflow was fixed, a static buffer overflow was fixed, and root privileges are now dropped after acquiring a raw socket.

tags | overflow, root
systems | linux, redhat
SHA-256 | 48ed726f392d820a268f5a923b847720b6b6045ad3de9acb60f37da02749ed8e
rhsa.2000-080-01.tmpwatch
Posted Oct 11, 2000
Site redhat.com

Red Hat Security Advisory - tmpwatch as shipped in Red Hat Linux 6.1, 6.2, and 7.0 uses fork() to recursively process subdirectories, enabling a local user to perform a denial of service attack. Tmpwatch from Red Hat Linux 6.2 and 7.0 also contains an option to allow it to use the fuser command to check for open files before removal. It executed fuser in an insecure fashion, allowing a local root exploit.

tags | denial of service, local, root
systems | linux, redhat
SHA-256 | 42ef2e0471b2c65e06529723fdbb062b9bb78eca99bb286d0a4851b14c070154
rhsa.2000-075-05.usermode
Posted Oct 11, 2000
Site redhat.com

Red Hat Security Advisory - The usermode package contains a binary (/usr/bin/userhelper), which is used to control access to programs which are to be executed as root. Because programs invoked by userhelper are not actually running setuid-root, security measures built into recent versions of glibc are not active. If one of these programs supports internationalized text messages, a malicious user can use the LANG or LC_ALL environment variables (which are inherited by userhelper and, in turn, any programs it runs) to create a format-string exploit in these programs.

tags | root
systems | linux, redhat
SHA-256 | 9cd98a0ba94bc89f414dfce3803982f4cb2fb5e1b147b65066171642800aa1ed
rhsa.2000-077-03.esound
Posted Oct 7, 2000
Site redhat.com

Red Hat Security Advisory - Esound, the Gnome sound server, contains a race condition that a malicious local user could exploit to change permissions of any file owned by the esound user.

tags | local
systems | linux, redhat
SHA-256 | dc3741c53587458d108b978210709adeb4a0a1947fc36f55751c5dcf9c691919
rhsa.2000-078-02.traceroute
Posted Oct 7, 2000
Site redhat.com

Red Hat Security Advisory - A local root exploit and several additional bugs in traceroute have been corrected.

tags | local, root
systems | linux, redhat
SHA-256 | 050464648835c6ab3948e1832fe926ca7a2bfaec3308b25b331289ae9e3c2f53
rhsa.2000-066-03.lpr
Posted Oct 4, 2000
Site redhat.com

Red Hat Security Advisory - The old BSD-based lpr which we shipped with Red Hat Linux 5.x and 6.x has a recently discovered local root format string bug in its calls to the syslog facility.

tags | local, root
systems | linux, redhat, bsd
SHA-256 | 68ca43a21f3236c79d794da9e4d510f760089a9d493a6ac04145e637f94c261e
rhsa.2000-065-04.lprng
Posted Oct 4, 2000
Site redhat.com

Red Hat Security Advisory - LPRng has a string format bug in the use_syslog function. This function returns user input in a string that is passed to the syslog() function as the format string. It is possible to corrupt the print daemon's execution with unexpected format specifiers, thus gaining root access to the computer. The vulnerability is theoretically exploitable both locally and remotely.

tags | root
systems | linux, redhat
SHA-256 | 83027cf3896158dff0e111b901dcbc0f01589231168753a60836df217b877264
rhsa.2000-061-02.klogd
Posted Sep 18, 2000
Site redhat.com

Red Hat Security Advisory - Various format string vulnerabilities have been found in syslogd and klogd. When exploiting these vulnerabilities, it could be possible for local users to gain root access.

tags | local, root, vulnerability
systems | linux, redhat
SHA-256 | a17cc7d59867c8802e43bf80a0d76c739e447191dbf864f926f349cc4519cd8f
rhsa.2000-058-03.screen
Posted Sep 15, 2000
Site redhat.com

Red Hat Security Advisory - A format string vulnerability in screen allows local users to become root.

tags | local, root
systems | linux, redhat
SHA-256 | fbe251f1e57a3cb4b5b8f284908e9ea7fa5d667c99923f7076fcb88238394338
rhsa.2000-059-02.mgetty
Posted Sep 13, 2000
Site redhat.com

Red Hat Security Advisory - The mgetty-sendfax package contains a vulnerability which allows any user with access to the /var/tmp directory to destroy any file on any mounted filesystem. A malicious user can create a symbolic link named /var/spool/fax/outgoing/.lastrun which points to any file on a mounted filesystem, and that file's contents will be destroyed the next time faxrunq is run.

systems | linux, redhat
SHA-256 | 6729a1a0b2737e85ae4f5ba7398a377fec561d503a17dd3698e11dd59d09872e
rhsa.2000-057-04.glibc
Posted Sep 8, 2000
Site redhat.com

Red Hat Security Advisory - Several bugs were discovered in glibc which could allow local users to gain root privileges. The dynamic linker ld.so uses several environment variables like LD_PRELOAD and LD_LIBRARY_PATH to load additional libraries or modify the library search path. It is unsafe to accept arbitrary user specified values of these variables when executing setuid applications, so ld.so handles them specially in setuid programs and also removes them from the environment.

tags | arbitrary, local, root
systems | linux, redhat
SHA-256 | c56e6a68d94a860ba61c14d5115dfc7beb33462dc20aa809eefbc8eac9ed1a58
rhsa.2000-052-02.zope
Posted Aug 13, 2000
Site redhat.com

Red Hat Security Advisory - Vulnerabilities exist with all Zope-2.0 releases - This HotFix corrects issues in the getRoles method of user objects contained in the default UserFolder implementation. Users with the ability to edit DTML could arrange to give themselves extra roles for the duration of a single request by mutating the roles list as a part of the request processing.

tags | vulnerability
systems | linux, redhat
SHA-256 | 3aae58fa2ce77f6e29e2937cd2bf1a04b0f4bc3336e8c2895523e8de5692adca
rhsa.2000-053-1.usermode
Posted Aug 13, 2000
Site redhat.com

Red Hat Security Advisory - The usermode package allows unprivileged users logged in at the system console to run the halt, poweroff, reboot, and shutdown commands without needing to know the superuser's password. While being able to halt, poweroff, and reboot is a desirable thing, an unprivileged user can also bring the system to single-user mode by running "shutdown now" with no additional flags.

systems | linux, redhat
SHA-256 | 74e1c146411d4e810234e042524b50565b60f9c341a78a1d67295a79e887a3ba
rhsa.2000-048-06.perl
Posted Aug 10, 2000
Site redhat.com

Red Hat Security Advisory - Updated perl and mailx packages are now available which fix a local exploit made possible by incorrect assumptions made in suidperl.

tags | local, perl
systems | linux, redhat
SHA-256 | a3d6d23791dcf67769e1c94abf99cb28578f22037c23cc5682f62e95a86895bc
rhsa.2000-050-01.mopd
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - A buffer overflow has been discovered in all releases of mopd-linux included in the 6.0, 6.1, and 6.2 releases of Powertools. This vulnerability allows long file names to be sent from the client to the server, allowing arbitrary code to be executed.

tags | overflow, arbitrary
systems | linux, redhat
SHA-256 | 420df459240f85b3543ea29e1fe11451697d08319af2026f24b5e6462ae314ce
rhsa.2000-048-02.mailx
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - Under certain conditions, suidperl will attempt to send mail to the local superuser account using /bin/mail. A properly formatted exploit script can use this facility, along with mailx's tendency to inherit settings from the environment, to gain local root access.

tags | local, root
systems | linux, redhat
SHA-256 | cc92ea296e91763b4251446ba04b9581f3a16567afbb82bb3b3e67d7655958b3
rhsa.2000-047-03.txt
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - The umb-scheme package included with Red Hat Linux 6.2 included two world-writable files. New packages are available.

systems | linux, redhat
SHA-256 | f14ddd3809449d94fcee3fc7d7511ec7983a8c79ef23847aeaee1b7ea6cdbf91
rhsa.2000-030-02.ntop
Posted Aug 9, 2000
Site redhat.com

Red Hat Security Advisory - The version of ntop which was included in Red Hat Powertools 6.2 has a remote exploit in which arbitrary files can be read on the host machine as root.

tags | remote, arbitrary, root
systems | linux, redhat
SHA-256 | 6bf66bc7d72b0e7c4a0cbee5777f2fa0ddd1a7e66defd6e878e4e03d69093b92
rhsa.2000-030-03.mailman
Posted Aug 8, 2000
Site redhat.com

Red Hat Security Advisory - New mailman packages are available which close security holes present in earlier versions of mailman. All sites using the mailman mailing list management software should upgrade.

systems | linux, redhat
SHA-256 | 304e894646d0eadfba6ab8e2607b8518c2116feaeb3d91ab482acfbb50577202
rhsa.2000-046-02.netscape
Posted Jul 31, 2000
Site redhat.com

Red Hat Security Advisory 46-02 - New netscape packages are available that fix a buffer overflow due to improper input verification in netscape's JPEG processing code which can result in remote compromise. It is recommended that users of netscape update to the fixed packages.

tags | remote, overflow
systems | linux, redhat
SHA-256 | 9154a8b3261c8bd167de85415172f1dd9801dbce0f66004ba3dd5ed6d8ba3ead
rhsa.2000-045-01.gpm
Posted Jul 27, 2000
Site redhat.com

Red Hat Security Advisory - gpm as shipped in Red Hat Linux 5.2 and 6.x contains a number of security problems. Additionally, a denial of service attack via /dev/gpmctl is possible. The newest gpm packages fix both these vulnerabilities.

tags | denial of service, vulnerability
systems | linux, redhat
SHA-256 | ec2a6106adfda36f24bbf008cd22c924ced4bb4ed422fc3d0c2800773da2f69d
rhsa.2000-043-01.statd
Posted Jul 25, 2000
Site redhat.com

Red Hat Security Advisory - The rpc.statd daemon in the nfs-utils package shipped in Red Hat Linux 6.0, 6.1, and 6.2 contains a flaw that could lead to a remote root break-in. Version 0.1.9.1 of the nfs-utils package corrects the problem.

tags | remote, root
systems | linux, redhat
SHA-256 | 653a35dcfe3d06dfd62cbe3afd4bedf3c6d4ac497815a8a2e19ee973990845d4