ignore security and it'll go away
Showing 1 - 25 of 61 RSS Feed

Files

suse.slapper.txt
Posted Sep 21, 2002
Site suse.com

SuSE Security Advisory SuSE-SA:2002:033 - SuSE Linux warns its users about several packages that were statically linked against vulnerable OpenSSL libraries. The affected packages are mod_ssl, sendmail-tls, openssh and freeswan.

systems | linux, suse
MD5 | 7c5d3b640aa744d799ffbe833a3010bd
suse.apache.chunked.txt
Posted Jun 25, 2002
Site suse.com

SuSE security advisory SuSE-SA:2002:022 - A vulnerability found in the chucked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects SuSE linux version 6.4, 7.0, 7.1, 7.2, 7.3 and 8.0.

systems | linux, suse
MD5 | 0f13f7e1efd9ab88617e08d01f2ebd63
suse.dhcpd.txt
Posted May 24, 2002
Authored by SuSE Security, FJ Serna | Site suse.com

SuSE Linux Security Announcement SuSE-SA:2002:019 - ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack when reporting the result of a dns-update request. This affects SuSE distributions based upon 7.2, 7.3 and 8.0.

tags | remote, root
systems | linux, suse
MD5 | 8ecf9f6858b9348a875859858c4d3c3a
suse.lukemftp.txt
Posted May 19, 2002
Authored by SuSE Security | Site suse.com

SuSE Linux security advisory SuSE-SA:2002:018 - A buffer overflow that allows remote code execution has been found in the code used by Lukemftp to process information returned from the PASV FTP command. Lukemftp is the standard ftp client in /usr/bin/ftp.

tags | remote, overflow, code execution
systems | linux, suse
MD5 | 4f27e39155d83c9a2bc1b37928cc8c59
suse.sysconfig.txt
Posted May 10, 2002
Site suse.com

SuSE Security Announcement: sysconfig (SuSE-SA:2002:016) - On SuSE 8.0 information gained from DHCP packets is used in commands line execution by the ifup-dhcp script. This vulnerability has been fixed in the sysconfig-0.23.14-60.i386.rpm package.

systems | linux, suse
MD5 | 3ce9c5a58f551a5241627e11bc678f7b
suse.imlib.txt
Posted May 8, 2002
Site suse.de

SuSE Security Announcement: imlib (SuSE-SA:2002:015) - Imlib used to depend on a netpbm library which is well known to have security problems. This and a heap corruption bug have been corrected.

systems | linux, suse
MD5 | bc2e8f64a86b00615632838f170fc5b5
suse.cron.txt
Posted May 17, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:17 - The crontab program is running setuser-id root and invokes the editor specified in the EDITOR environment variable, usually vi. If crontab discovers that the format of the edited file is incorrect, it executes the editor again but fails to drop its root privileges before. Therefore it is possible to execute arbitrary commands as root.

tags | arbitrary, root
systems | linux, suse
MD5 | af4bf7959b96f7cf6142027943e692c7
suse.hylafax.txt
Posted Apr 24, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:15 - Hfaxd v4.1 contains format string local root vulnerabilities.

tags | local, root, vulnerability
systems | linux, suse
MD5 | c978d7b79e53e78dfdcd43c33f80c664
suse.nedit.txt
Posted Apr 24, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:14 - When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.

tags | root
systems | linux, suse
MD5 | e85a878c46bb62976fbfdfc486a7c2d2
suse.sudo.txt
Posted Apr 24, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:13 - sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.

tags | overflow, local, root
systems | linux, suse
MD5 | f3bb1e3dd5c1b37ac6c014677f1312ad
suse.vim.txt
Posted Apr 13, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:12 - Vim and gvim have two vulnerabilities - A /tmp race condition and vim commands in regular files will be executed if the status line of vim is enabled in vimrc. Both vulnerabilities could be used to gain unauthorized access to more privileges. Patches available.

tags | vulnerability
systems | linux, suse
MD5 | 03fd1a645b922870b08353392abd4f08
suse.mc.txt
Posted Apr 13, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:11 - The Midnight Commander, mc(1), is a ncurses-based file manager. A local attacker could trick mc(1) into executing commands with the privileges of the user running mc(1) by creating malicious directory names. This attack leads to local privilege escalation. Update mc to the newest version!

tags | local
systems | linux, suse
MD5 | 54e4d40efca1045195b4c53df8ebaa4f
suse.xntp.txt
Posted Apr 10, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:10 - xntp is the network time protocol package widely used with many unix and linux systems for system time synchronization over a network. An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code. The exploit allows a remote attacker to execute arbitrary commands as root. All versions as shipped with SuSE Linux are affected by the buffer overflow problem.

tags | remote, overflow, arbitrary, root, protocol
systems | linux, unix, suse
MD5 | 88b0f4e9a928b9a9c930195843b483d1
suse.cups.txt
Posted Mar 9, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:05 - CUPS contains remote root vulnerabilities which can be exploited over TCP port 631.

tags | remote, root, tcp, vulnerability
systems | linux, suse
MD5 | 04ed3a0d15aaf90b6ed4625d351d5b87
suse.ssh1.txt
Posted Feb 16, 2001
Site suse.de

SuSE Security Advisory SuSE-SA:2001:04 - SSH1 allows remote users to brute-force passwords without getting noticed or logged, SSH session key recovery, and remote root compromise. Switch to openssh.

tags | remote, root
systems | linux, suse
MD5 | 530084336eedabe30d2d04bac3df3d64
suse.bind8.txt
Posted Feb 2, 2001
Site suse.de

SuSE Security Announcement - bind-8.x in all versions of the SuSE distributions contain a bug in the transaction signature handling code that can allow to remotely overflow a buffer and thereby execute arbitrary code as the user running the nameserver (this is user named by default on SuSE systems). In addition to this bug, another problem allows for a remote attacker to collect information about the running bind process.

tags | remote, overflow, arbitrary
systems | linux, suse
MD5 | b6d80be28007588d5d9912654c22270b
suse.kdesu.txt
Posted Feb 1, 2001
Site suse.de

SuSE Security Announcement SuSE-SA:2001:02 - Kdesu can give users the root password if the 'keep password' option is enabled.

tags | root
systems | linux, suse
MD5 | ada78eef21012bc9e8a433760d3d2b50
suse.glibc.txt
Posted Jan 26, 2001
Site suse.de

SuSE Security Announcement SuSE-SA:2001:01 - The runtime-linker as used in the SuSE distributions ignores the content of the critical environment variables, allowing local users to link against user-specified libraries and obtain the privilege level of a setuid binary. To eliminate these problems, we provide update packages that completely disregard the LD_* variables upon runtime-linking of a binary that has an effective uid different from the caller's userid.

tags | local
systems | linux, suse
MD5 | 22bf41a5074c90f697f9bc3c1d60bf8f
suse.openssh.txt
Posted Dec 23, 2000
Site suse.de

SuSE Security Announcement - openssh is an implementation of the secure shell protocol, available under the BSD license, primarily maintained by the OpenBSD Project. Many vulnerabilities have been found in the openssh package: An openssh client (the ssh program) can accept X11- or ssh-agent forwarding requests even though these forwarding capabilities have not been requested by the client side after successful authentication. Using these weaknesses, an attacker could gain access to the authentication agent which may hold multiple user-owned authentication identities, or to the X-server on the client side as if requested by the user.

tags | shell, vulnerability, protocol
systems | linux, suse, bsd, openbsd
MD5 | 7f97be0212f0dff802a15f9082d28125
suse.netscape.txt
Posted Dec 3, 2000

SuSE Security Advisory - SuSE Security Advisory - Two security problems exist in the netscape packages shipped with SuSE Linux distributions. The first one involves improper verification in Netscape's jpeg processing code that can lead to a buffer overflow where data from the network can overwrite memory. The second involves an error in the java implentation in Netscape where it is possible for an attacker to view files and directories with the priviledge of the user running Netscape if the user visits a maliciously crafted web site. Upgrade to 4.76!!! SuSE security site here

tags | java, web, overflow
systems | linux, suse
MD5 | f02fade66ff0d7958fd5a645cc788564
suse.tcpdump.txt
Posted Nov 21, 2000
Site suse.de

SuSE Security Announcement - Tcpdump contains remotely exploitable buffer overflows. Fully patched upgrade not yet available.

tags | overflow
systems | linux, suse
MD5 | ab73d550ff27f8a2a66afd1b6e8c5742
suse.miscellaneous.txt
Posted Nov 16, 2000
Site suse.de

SuSE Security Advisory - Several recent issues are covered in this advisory, including a gpg, bind8, pine, gs, global, tcpdump, tcsh, and the module package.

systems | linux, suse
MD5 | 5eb5dba77927e614650b559abd517d31
suse.modprobe.txt
Posted Nov 13, 2000
Site suse.de

SuSE Security Announcement - Newer versions of /sbin/modprobe can be tricked into executing commands as root if setuid programs which can trigger the loading of modules are installed.

tags | root
systems | linux, suse
MD5 | 5c3590a0ad4361f6be5332c29da131af
suse.ncurses.txt
Posted Oct 28, 2000
Site suse.de

SuSE Security Advisory - A vulnerability has been found in the ncurses library, which is used by many text based applications. Insufficient boundary checking leads to a buffer overflow if a user supplies a specially drafted terminfo database file. If an ncurses-linked binary is installed setuid root, it is possible for a local attacker to exploit this hole and gain local root access. SuSE recommends patching this vulnerability by removing the SUID bits from xaos, screen, and cda.

tags | overflow, local, root
systems | linux, suse
MD5 | 898e03004864a6e80967310900737ec5
suse.ypbind.txt
Posted Oct 18, 2000
Site suse.de

SuSE Security Advisory - Ypbind suffers from remote root format string bugs and needs to be updated.

tags | remote, root
systems | linux, suse
MD5 | 6948959682e6e887aae904ead542d0b5
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close