Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs






More on LinuxToday

Security Linux News for Jun 14, 2001

  • Conectiva Linux Security Announcement - exim (Jun 14, 2001, 13:30)
    "Megyer Laszlo reported a format bug vulnerability in the exim package that could lead to a compromise if exim is run as root. This software is not installed by default on Conectiva Linux 6.0 and, even if installed, the default configuration is not vulnerable because it does not include the "headers_check_syntax" option in the /etc/exim.conf configuration file which is needed to trigger the bug. If, however, that option is enabled, and exim is also used to process batched SMTP input (via the -bS command-line option), then the service becomes vulnerable and a remote attack becomes possible."