Cotygodniowe dziury
Blues
blues w ds6.pg.gda.pl
Pon, 3 Cze 2002, 12:35:43 CEST
Ale to chyba już nas nie dotyczy:
11. Tcpdump
Vendor: Tcpdump.org
A buffer overflow vulnerability was reported in the tcpdump
network sniffer. A remote user can cause the sniffer to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/May/1004415.html
Nie wiem co mamy za snap'a - używający to niech się rozejrzą...
31. Opera
Vendor: Opera Software
A vulnerability was reported in the Opera web browser when run
on Microsoft Windows systems. A remote user can create HTML that,
when loaded, will cause the browser to silently upload files from
the victim's system.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2002/May/1004385.html
To AFAIR jest poprawione:
36. CVS
Vendor: [Multiple Authors/Vendors]
A buffer overflow vulnerability has been reported in the
Concurrent Versions System (CVS) daemon. A local user may be able
to execute arbitrary code with the privileges of the CVS process.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2002/May/1004376.html
A to nie jest poprawione:
37. PGP Public Key Server
Vendor: Horowitz, Marc
A denial of service vulnerability was reported in the PGP
Public Key Server. A remote user can cause the service to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/May/1004375.html
Tu mamy starszą wersję. Należałoby się przyjrzeć temu.
39. Next Generation POSIX Threading (NGPT)
Vendor: NGPT Team
A vulnerability was reported in the Next Generation POSIX
Threading (NGPT) software for Linux. A local user may be able to
cause denial of service conditions for threaded processes.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2002/Jun/1004430.html
--
---------------------------------
pozdr. Paweł Gołaszewski
---------------------------------
CPU not found - software emulation...
Więcej informacji o liście dyskusyjnej pld-devel-pl