Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs






More on LinuxToday

Security Linux News for Mar 28, 2001

  • SuSE Security Announcement: eperl (Mar 28, 2001, 22:26)
    "Fumitoshi Ukai and Denis Barbier have found several potential buffer overflows, which could lead to local privilege escalation if installed setuid (note: it's not installed setuid per default) or to remote compromise."

  • SuSE Security Announcement: joe (Mar 28, 2001, 21:52)
    "An attacker could place a malicious joerc file in a public writeable directory, like /tmp, to execute commands with the privilege of any user (including root), which runs joe while being in this directory."

  • Red Hat Security Advisory: Updated Kerberos 5 and pam_krb5 packages available (Mar 28, 2001, 20:39)
    "A race condition exists in libkrb4 which would allow a malicious user to cause kerberized login services to overwrite the contents of any file on the system. The destroyed file would contain the kerberos credentials of an unsuspecting user who had attempted to log in using the kerberized login service being exploited."

  • Conectiva Linux Security Announcement - sgml-tools (Mar 28, 2001, 20:29)
    "Previous releases of the sgml-tools package create temporary files with poor permissions, tipically allowing world-read access."

  • The Register: Risks from hybrid Linux / Windows virus low (Mar 28, 2001, 16:33)
    "David Millard, technical manger of Command Software (a seperate anti-virus firm to Central Command), said there were fewer than 10 viruses that infect Linux systems and he said the bug should be treated as a "proof of concept" rather than anything more serious."

  • The Register: Highly destructive Linux worm mutating (Mar 28, 2001, 15:31)
    "The recently discovered Lion worm, which attacks Linux BIND (DNS) servers, is turning out to be one nasty little package which leaves infected victims with no choice but to re-format their entire systems and rebuild from scratch."

  • Yahoo/Reuters: First Virus to Infect Both Windows, Linux Emerges (Mar 28, 2001, 09:04)
    "A computer virus that can infect PCs running either the ubiquitous Windows operating system or the increasingly popular Linux operating system emerged on Tuesday, which its discoverers say is a world first."

  • Immunix OS Security Advisory: kernel (Mar 28, 2001, 08:53)
    "The 2.2.19 kernel release fixes numerous security problems including the ptrace/execve race condition bug."

  • Conectiva Linux Security Announcement - licq (Mar 28, 2001, 07:49)
    "Previous versions have two vulnerabilities that could be exploited by a remote attacker to execute arbitrary commands on the client host."