Cotygodniowe dziury - 8 VII 2002
Blues
blues w ds6.pg.gda.pl
Pon, 8 Lip 2002, 13:05:33 CEST
Jak co tydzień :) Prośba o przyjrzenie się głównie bonobo.
To działa....
1. Bonobo
Vendor: Gnome Development Team
A buffer overflow vulnerability was reported in the 'efstool'
component of Bonobo. A local user can obtain root level privileges
on the system.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2002/Jun/1004659.html
załatane u nas:
6. Squid
Vendor: Squid-cache.org
Several vulnerabilities were reported in the Squid proxy cache
server. A remote user could cause arbitrary code to be executed by
the Squid server. A remote user may receive a user's proxy login
credentials.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Jul/1004704.html
To może z kolei kogoś zainteresować:
17. PowerChute
Vendor: American Power Conversion Corp.
A vulnerability was reported in APC's PowerChute software.
Under the default configuration, a remote user can access the
PowerChute folder with write privileges via Windows networking.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2002/Jul/1004686.html
A to jest dziurawe...
33. ht//Dig
Vendor: ht//Dig Group
An input validation vulnerability was reported in the ht://Dig
search engine software. A remote user may be able to conduct
cross-site scripting attacks against users of web sites that have
deployed ht://Dig.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Jul/1004661.html
--
---------------------------------
pozdr. Paweł Gołaszewski
---------------------------------
CPU not found - software emulation...
Więcej informacji o liście dyskusyjnej pld-devel-pl