Cotygodniowa seria dziur
Blues
blues w ds6.pg.gda.pl
Pon, 17 Cze 2002, 10:50:05 CEST
To jest u nas dziurawe, ale... nie mamy w pakiecie simpleinit'a. Nie wiem
co to jest i czy jest potrzebne. Patch w tej informacji jest zamieszczony,
więc....
9. Util-linux
Vendor: [Multiple Authors/Vendors]
A vulnerability was reported in the 'simpleinit' component of
the 'utils-linux' package. A local user may be able to obtain
elevated privileges on the system.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2002/Jun/1004533.html
To jest jak widziałem poprawione...
26. LPRng
Vendor: Red Hat
Red Hat reported a configuration vulnerability in their
distribution of the LPRng print spooler. Any remote user can send
a print job to the spooler.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2002/Jun/1004513.html
Piszą, że pre6 jest z fixem, a pre4 jest dziurawe, więc... należałoby
chyba zrobić update...
30. Links
Vendor: Twibright Labs
A buffer overflow vulnerability was reported in Twibright Labs'
Links web browser. A remote user could cause arbitrary code to be
executed when viewing a malicious PNG image.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2002/Jun/1004507.html
A to z gatunku wesołych :)
39. Bugzilla
Vendor: Mozilla.org
Several various vulnerabilities were reported in the Bugzilla
bug tracking system. The system may disclose some confidential
information in certain situations. Also, a remote user may be able
to perform certain unauthorized actions and conduct cross-site
scripting attacks.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Jun/1004490.html
--
---------------------------------
pozdr. Paweł Gołaszewski
---------------------------------
CPU not found - software emulation...
Więcej informacji o liście dyskusyjnej pld-devel-pl