There are potential problems with file access checking in the lpr and lpd programs. These could allow users to potentially print files they do not have access to.
e07c08619c2fb583c21126d232a90aff1fd7b271ca7a7c9118b1cf1b84a8f84dThere might be a really nasty stack smash bug in linux-2.2.12 and 2.0.38. If I am reading this correctly, the implications of this bug could be very dire. It may be possible to easily obtain root privilege on any box running this kernel. Includes comments by Alan Cox.
26882e3fac59928336c10c9962f8a3f5cce1846683fd03a227f0f61b771d35beA serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run (inherited from the request broker, oplrqb). The hole is a run-of-the-mill buffer overflow, due to lack of parameter checking when strcpy() is used.
b36a8272ac716effd911a885be7e5ec3e74fe7e469278cc4955a647b5a86bbe3Redir is a port redirector. Its functionality basically consists of the ability to listen for TCP connections on a given port, and, when it recieves a connection, to then connect to a given destination address/port, and pass data between them. It finds most of its applications in traversing firewalls, but, of course, there are other uses. It can run under inetd or stand alone (in which case it handles multiple connections). It is 8 bit clean, not limited to line mode, is small and light.
0892748e04afd7bc36a12511a51a2073bf809560d48e49db309f9af1cdb55506pss.php3
c231c024dc475fb922e27c86d44753146e61ab196e2dc58d111ec2607e7b5c3e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed