Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Link to Us
Linux Jobs

More on LinuxToday

Security Portal: Weekly Linux Security Digest 2000/10/02 to 2000/10/08

Oct 09, 2000, 06:29 (0 Talkback[s])
(Other stories by Kurt Seifried)

"Wheeee, more format string problems. Oddly enough, su on Linux and BSD has been found to contain a root exploit. (In Linux's case, the fault mostly lies with glibc, actually.) SSH and OpenSSH can both be tricked to overwrite local files when using scp from a remote server that is hostile (compromised). The good news is, some source code scanners are out that make finding bugs easier."

"We lead off with general advisories and exploit code, then move to vendor advisories. Most items appear in alphabetical order. If we're missing a Linux vendor's advisory, please tell us - ditto for any Linux-related security alerts. The long strings of hex in front of package names are MD5 signatures."

Complete Story

Related Stories: