ethereal, xzgv, debmake, xcdroast, udev, cups, postgresql, namazu, pam, samba,
glibc, krb5, php, gnumeric, abiword, libtiff, kfax, abcm2ps, phpMyAdmin, WordPress,
NASM, mplayer, mpg123, wget, urpmi, aspell, krb5, logcheck, samba, Linux kernel,
kerberos5, libxml, gd, XFree86, and nfs-utils. The distributors include Debian,
Fedora, Gentoo, Mandrake, NetBSD, Trustix, Red Hat, and SuSE.
In 2004, security continued to be a major concern. The beginning of the
year was plagued with several kernel flaws, and Linux vendor advisories
continue to be released at an ever-increasing rate. This year, we have
seen reports touting Windows’ security superiority, only to be
debunked by other security experts immediately after release. Also,
Guardian Digital launched the new LinuxSecurity.com, users continue to
be targeted by automated attacks, and the need for security awareness
and education continues to rise.
|
Debian |
|
Debian: cscope insecure temporary file |
|
17th, December, 2004
A vulnerability has been discovered in cscope, a program to
interactively examine C source code, which may allow local users to overwrite
files via a symlink attack.
http://www.linuxsecurity.com/content/view/117531 |
|
|
Debian: htget arbitrary code execution fix |
|
20th, December, 2004
“infamous41md” discovered a buffer overflow in htget, a file
grabber that will get files from HTTP servers. It is possible to overflow
a buffer and execute arbitrary code by accessing a malicious URL.
http://www.linuxsecurity.com/content/view/117568 |
|
|
Debian: a2ps arbitrary command execution fix |
|
20th, December, 2004
Rudolf Polzer discovered a vulnerability in a2ps, a converter
and pretty-printer for many formats to PostScript. The program did not
escape shell meta characters properly which could lead to the execution
of arbitrary commands as a privileged user if a2ps is installed as a printer
filter.
http://www.linuxsecurity.com/content/view/117569 |
|
|
Debian: ethereal denial of service fix |
|
21st, December, 2004
Brian Caswell discovered that an improperly formatted SMB packet
could make ethereal hang and eat CPU endlessly.
http://www.linuxsecurity.com/content/view/117609 |
|
|
Debian: xzgv arbitrary code execution fix |
|
21st, December, 2004
Luke “infamous41md” discovered multiple vulnerabilities in xzgv,
a picture viewer for X11 with a thumbnail-based selector. Remote exploitation
of an integer overflow vulnerability could allow the execution of arbitrary
code.
http://www.linuxsecurity.com/content/view/117610 |
|
|
Debian: debmake insecure temporary directories fix |
|
22nd, December, 2004
Javier Fernández-Sanguino Peña noticed that the debstd script
from debmake, a deprecated helper package for Debian packaging, created
temporary directories in an insecure manner. This can be exploited by
a malicious user to overwrite arbitrary files owned by the victim.
http://www.linuxsecurity.com/content/view/117630 |
|
|
Fedora |
|
Fedora: selinux-policy-targeted-1.17.30-2.51 update |
|
16th, December, 2004
Fix problems with winbind, nscd, apache and others.
http://www.linuxsecurity.com/content/view/117525 |
|
|
Fedora: xcdroast-0.98a15-8 update |
|
16th, December, 2004
fixed frozen progress bars with patch from Didier Heyden (bug
#134334)
http://www.linuxsecurity.com/content/view/117529 |
|
|
Fedora: udev-039-10.FC3.6 update |
|
16th, December, 2004
fixed a case where reading /proc/ide/hd?/media returns EIO (bug
rh#142713) and added simple dvb rules
http://www.linuxsecurity.com/content/view/117530 |
|
|
Fedora: cups-1.1.20-11.7 update |
|
17th, December, 2004
Two security problems were found by Bartlomiej Sieka. They concern
the lppasswd utility, which can be made to cause a denial of service,
and the hpgltops filter, which can be exploited to run code remotely as
the user “lp”. These problems have both been fixed.
http://www.linuxsecurity.com/content/view/117540 |
|
|
Fedora: cups-1.1.22-0.rc1.8.1 update |
|
17th, December, 2004
Two security problems were found by Bartlomiej Sieka. They concern
the lppasswd utility, which can be made to cause a denial of service,
and the hpgltops filter, which can be exploited to run code remotely as
the user “lp”. These problems have both been fixed.
http://www.linuxsecurity.com/content/view/117541 |
|
|
Fedora: postgresql-7.4.6-1.FC2.2 update |
|
17th, December, 2004
Update to PyGreSQL 3.6 (to fix bug #142711). Adjust a few file
permissions (bug #142431). Assign %{_libdir}/pgsql to base package instead
of -server (bug #74003)
http://www.linuxsecurity.com/content/view/117542 |
|
|
Fedora: postgresql-7.4.6-1.FC3.2 update |
|
17th, December, 2004
Update to PyGreSQL 3.6 (to fix bug #142711). Adjust a few file
permissions (bug #142431). Assign %{_libdir}/pgsql to base package instead
of -server (bug #74003)
http://www.linuxsecurity.com/content/view/117543 |
|
|
Fedora: namazu-2.0.14-0.FC2.0 update |
|
20th, December, 2004
Security fix release.
http://www.linuxsecurity.com/content/view/117604 |
|
|
Fedora: namazu-2.0.14-0.FC3.0 update |
|
20th, December, 2004
Security fix release.
http://www.linuxsecurity.com/content/view/117605 |
|
|
Fedora: pam-0.77-66.1 update |
|
20th, December, 2004
add argument to pam_console_apply to restrict its work to specified
files. #140451 parse passwd entries correctly and test for failure
http://www.linuxsecurity.com/content/view/117606 |
|
|
Fedora: samba-3.0.10-1.fc2 update |
|
20th, December, 2004
New upstream release that closes CAN-2004-1154 bz#142544. Include
the -64bit patch from Nalin. This closes bz#142873. Update the -logfiles
patch to work with 3.0.10
http://www.linuxsecurity.com/content/view/117623 |
|
|
Fedora: samba-3.0.10-1.fc3 update |
|
20th, December, 2004
New upstream release that closes CAN-2004-1154 bz#142544. Include
the -64bit patch from Nalin. This closes bz#142873. Update the -logfiles
patch to work with 3.0.10
http://www.linuxsecurity.com/content/view/117624 |
|
|
Fedora: glibc-2.3.4-2.fc3 update |
|
21st, December, 2004
work around rpm bug some more, this time by copying iconvconfig
to iconvconfig.%{_target_cpu}.
http://www.linuxsecurity.com/content/view/117625 |
|
|
Fedora: krb5-1.3.6-1 update |
|
21st, December, 2004
A heap based buffer overflow bug was found in the administration
library of Kerberos 1.3.5 and earlier. This overflow in the password history
handling code could allow an authenticated remote attacker to execute
commands on a realm’s master Kerberos KDC.
http://www.linuxsecurity.com/content/view/117626 |
|
|
Fedora: krb5-1.3.6-2 update |
|
21st, December, 2004
A heap based buffer overflow bug was found in the administration
library of Kerberos 1.3.5 and earlier. This overflow in the password history
handling code could allow an authenticated remote attacker to execute
commands on a realm’s master Kerberos KDC.
http://www.linuxsecurity.com/content/view/117627 |
|
|
Fedora: php-4.3.10-3.2 update |
|
21st, December, 2004
This update includes the latest release of PHP 4.3, including
fixes for security issues in the unserializer (CVE CAN-2004-1019) and
exif image parsing (CVE CAN-2004-1065).
http://www.linuxsecurity.com/content/view/117628 |
|
|
Fedora: php-4.3.10-2.4 update |
|
21st, December, 2004
This update includes the latest release of PHP 4.3, including
fixes for security issues in the unserializer (CVE CAN-2004-1019), exif
image parsing (CVE CAN-2004-1065), and form upload parsing (CVE CAN-2004-0958
and CAN-2004-0959).
http://www.linuxsecurity.com/content/view/117629 |
|
|
Fedora: gnumeric-1.2.13-10 update |
|
22nd, December, 2004
#rh133662# printer font fallback
http://www.linuxsecurity.com/content/view/117648 |
|
|
Fedora: selinux-policy-targeted-1.17.30-2.58 update |
|
22nd, December, 2004
Several updates to fix problems with Apache, Squid, postgresql
http://www.linuxsecurity.com/content/view/117649 |
|
|
Fedora: abiword-2.0.12-9 update |
|
22nd, December, 2004
RH#143180# backport fix for really stupid ownership of string
bug
http://www.linuxsecurity.com/content/view/117650 |
|
|
Fedora: libtiff-3.5.7-21.fc2 update |
|
22nd, December, 2004
Fix several buffer overflow problems that could be used as an
exploit. Fixes the following security advisory: CAN-2004-1308
http://www.linuxsecurity.com/content/view/117651 |
|
|
Fedora: libtiff-3.6.1-8.fc3 update |
|
22nd, December, 2004
Fix several buffer overflow problems that could be used as an
exploit. Fixes the following security advisory: CAN-2004-1308
http://www.linuxsecurity.com/content/view/117652 |
|
|
Gentoo |
|
Gentoo: cscope Insecure creation of temporary files |
|
16th, December, 2004
Cscope is vulnerable to symlink attacks, potentially allowing
a local user to overwrite arbitrary files.
http://www.linuxsecurity.com/content/view/117558 |
|
|
Gentoo: Adobe Acrobat Reader Buffer overflow vulnerability |
|
16th, December, 2004
Adobe Acrobat Reader is vulnerable to a buffer overflow that
could lead to remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/117559 |
|
|
Gentoo: samba Integer overflow |
|
17th, December, 2004
Samba contains a bug that could lead to remote execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/117560 |
|
|
Gentoo: PHP Multiple vulnerabilities |
|
19th, December, 2004
Several vulnerabilities were found and fixed in PHP, ranging
from an information leak and a safe_mode restriction bypass to a potential
remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/117576 |
|
|
Gentoo: Ethereal Multiple vulnerabilities |
|
19th, December, 2004
Multiple vulnerabilities exist in Ethereal, which may allow
an attacker to run arbitrary code, crash the program or perform DoS by
CPU and disk utilization.
http://www.linuxsecurity.com/content/view/117577 |
|
|
Gentoo: kdelibs, kdebase Multiple vulnerabilities |
|
19th, December, 2004
kdelibs and kdebase contain a flaw allowing password disclosure
when creating a link to a remote file. Furthermore Konqueror is vulnerable
to window injection.
http://www.linuxsecurity.com/content/view/117578 |
|
|
Gentoo: kfax Multiple overflows in the included TIFF library |
|
19th, December, 2004
kfax contains several buffer overflows potentially leading to
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/117579 |
|
|
Gentoo: abcm2ps Buffer overflow vulnerability |
|
19th, December, 2004
abcm2ps is vulnerable to a buffer overflow that could lead to
remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/117580 |
|
|
Gentoo: phpMyAdmin Multiple vulnerabilities |
|
19th, December, 2004
phpMyAdmin contains multiple vulnerabilities which could lead
to file disclosure or command execution.
http://www.linuxsecurity.com/content/view/117581 |
|
|
Gentoo: WordPress HTTP response splitting and XSS vulnerabilities |
|
19th, December, 2004
Thomas Waldegger, who discovered these vulnerabilities, reported
that these issues were not fixed in version 1.2.1. After being notified,
the developers released 1.2.2 to fix these flaws.
http://www.linuxsecurity.com/content/view/117582 |
|
|
Gentoo: NASM Buffer overflow vulnerability |
|
20th, December, 2004
NASM is vulnerable to a buffer overflow that allows an attacker
to execute arbitrary code through the use of a malicious object file.
http://www.linuxsecurity.com/content/view/117583 |
|
|
Gentoo: MPlayer Multiple overflows |
|
20th, December, 2004
Multiple overflow vulnerabilities have been found in MPlayer,
potentially resulting in remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/117584 |
|
|
Gentoo: mpg123 Playlist buffer overflow |
|
21st, December, 2004
mpg123 is vulnerable to a buffer overflow that allows an attacker
to execute arbitrary code through the use of a malicious playlist.
http://www.linuxsecurity.com/content/view/117611 |
|
|
Gentoo: Zwiki XSS vulnerability |
|
21st, December, 2004
Zwiki is vulnerable to cross-site scripting attacks.
http://www.linuxsecurity.com/content/view/117622 |
|
|
Mandrake |
|
Mandrake: wget download bug fix |
|
17th, December, 2004
A problem in wget prevents it from downloading very large data
files. The updated packages are patched to fix the problem.
http://www.linuxsecurity.com/content/view/117536 |
|
|
Mandrake: urpmi ssh parallel support fix |
|
17th, December, 2004
A bug in the parallel ssh extension in urpmi would prevent parallel
installations using ssh; urpmi would crash. The updated packages fix the
problem.
http://www.linuxsecurity.com/content/view/117537 |
|
|
Mandrake: urpmi ssh parallel support fix |
|
18th, December, 2004
A bug in the parallel ssh extension in urpmi would prevent parallel
installations using ssh; urpmi would crash. The updated packages fix the
problem.
http://www.linuxsecurity.com/content/view/117574 |
|
|
Mandrake: php multiple vulnerabilities fix |
|
18th, December, 2004
A number of vulnerabilities in PHP versions prior to 4.3.10
were discovered by Stefan Esser. Some of these vulnerabilities were not
deemed to be severe enough to warrant CVE names, however the packages
provided, with the exception of the Corporate Server 2.1 packages, include
fixes for all of the vulnerabilities, thanks to the efforts of the OpenPKG
team who extracted and backported the fixes.
http://www.linuxsecurity.com/content/view/117575 |
|
|
Mandrake: aspell vulnerability fix |
|
20th, December, 2004
A vulnerability was discovered in the aspell word-list-compress
utility that can allow an attacker to execute arbitrary code.
http://www.linuxsecurity.com/content/view/117607 |
|
|
Mandrake: ethereal multiple vulnerabilities fix |
|
20th, December, 2004
A number of vulnerabilities were discovered in Ethereal.
http://www.linuxsecurity.com/content/view/117608 |
|
|
Mandrake: krb5 buffer overflow vulnerability fix |
|
22nd, December, 2004
Michael Tautschnig discovered a heap buffer overflow in the
history handling code of libkadm5srv which could be exploited by an authenticated
user to execute arbitrary code on a Key Distribution Center (KDC) server.
http://www.linuxsecurity.com/content/view/117641 |
|
|
Mandrake: kdelibs multiple vulnerability fix |
|
22nd, December, 2004
A vulnerability in the Konqueror web browser was discovered where
an untrusted Java applet could escalate privileges (through JavaScript
calling into Java code). This includes the reading and writing of files
with the privileges of the user running the applet.
http://www.linuxsecurity.com/content/view/117642 |
|
|
Mandrake: logcheck temporary file vulnerability fix |
|
22nd, December, 2004
A vulnerability was discovered in the logcheck program by Christian
Jaeger. This could potentially lead to a local attacker overwriting files
with root privileges.
http://www.linuxsecurity.com/content/view/117643 |
|
|
Mandrake: mplayer multiple vulnerabilities fix |
|
22nd, December, 2004
A number of vulnerabilities were discovered in the MPlayer program
by iDEFENSE, Ariel Berkman, and the MPlayer development team. These vulnerabilities
include potential heap overflows in Real RTSP and pnm streaming code,
stack overflows in MMST streaming code, and multiple buffer overflows
in the BMP demuxer and mp3lib code.
http://www.linuxsecurity.com/content/view/117645 |
|
|
NetBSD |
|
NetBSD: Insufficient argument validation in compat code |
|
17th, December, 2004
Some of the translation functions performed unsafe operations
using the syscall arguments, and were exploitable to cause kernel traps.
Some of the flaws may be exploitable and result in privilege escalation.
http://www.linuxsecurity.com/content/view/117538 |
|
|
Trustix |
|
Trustix: samba, php security update |
|
20th, December, 2004
Remote exploitation of an integer overflow vulnerability in
the smbd daemon included in Samba 2.0.x, Samba 2.2.x, and Samba 3.0.x
prior to and including 3.0.9 could allow an attacker to cause controllable
heap corruption, leading to execution of arbitrary commands with root
privileges.
http://www.linuxsecurity.com/content/view/117571 |
|
|
Trustix: kernel Remote hole, local DoS |
|
20th, December, 2004
Paul Starzetz discovered a bug in the IGMP networking modules
of the Linux kernel. This allows for a remote DoS and local root exploit.
http://www.linuxsecurity.com/content/view/117572 |
|
|
Trustix: anaconda, mailcap, mkinitrd, vim, postgresql, ntp, sqlgrey, db4, rsync, postgresql bugfixes |
|
20th, December, 2004
The previous attempt to get PXE booting working with more network
cards turned out not to work. This update fixes that.
http://www.linuxsecurity.com/content/view/117573 |
|
|
Trustix: kerberos5 execution of arbitrary code by authenticated user |
|
21st, December, 2004
There is a buffer overflow in the password history handling
code of libkadm5srv which could be exploited by an authenticated user
to execute arbitrary code on a Key Distribution Center (KDC) server.
http://www.linuxsecurity.com/content/view/117612 |
|
|
Red Hat |
|
Red Hat: zip security issue fix |
|
16th, December, 2004
An updated zip package that fixes a buffer overflow vulnerability
is now available.
http://www.linuxsecurity.com/content/view/117532 |
|
|
Red Hat: libxml security vulnerabilities |
|
16th, December, 2004
An updated libxml package that fixes multiple buffer overflows
is now available.
http://www.linuxsecurity.com/content/view/117533 |
|
|
Red Hat: samba security issue fix |
|
16th, December, 2004
Updated samba packages that fix an integer overflow vulnerability
are now available for Red Hat Enterprise Linux 3.
http://www.linuxsecurity.com/content/view/117534 |
|
|
Red Hat: gd security issues fix |
|
17th, December, 2004
Updated gd packages that fix security issues with overflow in
various memory allocation calls are now available.
http://www.linuxsecurity.com/content/view/117535 |
|
|
Red Hat: XFree86 security issues fix |
|
20th, December, 2004
Updated XFree86 packages that fix several security flaws in
libXpm are now available for Red Hat Enterprise Linux 2.1.
http://www.linuxsecurity.com/content/view/117570 |
|
|
Red Hat: rh-postgresql update |
|
20th, December, 2004
Trustix has identified improper temporary file usage in the
make_oidjoins_check script. It is possible that an attacker could overwrite
arbitrary file contents as the user running the make_oidjoins_check script.
This script has been removed from the RPM file since it has no use to
ordinary users. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0977 to this issue.
http://www.linuxsecurity.com/content/view/117601 |
|
|
Red Hat: nfs-utils security vulnerabilities fix |
|
20th, December, 2004
SGI reported that the statd daemon did not properly handle the
SIGPIPE signal. A misconfigured or malicious peer could cause statd to
crash, leading to a denial of service. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-1014
to this issue.
http://www.linuxsecurity.com/content/view/117602 |
|
|
Red Hat: glibc update |
|
20th, December, 2004
This errata fixes several bugs in the GNU C Library.
http://www.linuxsecurity.com/content/view/117603 |
|
|
Red Hat: php security issues and bugs fix |
|
21st, December, 2004
Updated php packages that fix various security issues and bugs
are now available for Red Hat Enterprise Linux 3.
http://www.linuxsecurity.com/content/view/117620 |
|
|
Red Hat: samba security issue fix |
|
21st, December, 2004
Updated samba packages that fix an integer overflow vulnerability
are now available for Red Hat Enterprise Linux 2.1.
http://www.linuxsecurity.com/content/view/117621 |
|
|
SuSE |
|
SuSE: various kernel problems |
|
21st, December, 2004
Several vulnerabilities have been found and fixed in the Linux
kernel.
http://www.linuxsecurity.com/content/view/117618 |
|
|
SuSE: samba remote privilege escalation |
|
22nd, December, 2004
The Samba developers informed us about several potential integer
overflow issues in the Samba 2 and Samba 3 code.
http://www.linuxsecurity.com/content/view/117619 |
|