Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs






More on LinuxToday

Security Linux News for Jun 16, 2001

  • Debian Security Advisory: multiple gnupg problems (Jun 16, 2001, 20:00)
    "fish stiqz reported on bugtraq that there was a printf format problem in the do_get() function: it printed a prompt which included the filename that was being decrypted without checking for possible printf format attacks. This could be exploited by tricking someone into decrypting a file with a specially crafted filename. The second bug is related to importing secret keys: when gnupg imported a secret key it would immediately make the associated public key fully trusted which changes your web of trust without asking for a confirmation."

  • Debian Security Advisory: rxvt buffer overflow (Jun 16, 2001, 19:53)
    "Samuel Dralet reported on bugtraq that version 2.6.2 of rxvt (a VT102 terminal emulator for X) have a buffer overflow in the tt_printf() function. A local user could abuse this making rxvt print a special string using that function, for example by using the -T or -name command-line options. That string would cause a stack overflow and contain code which rxvt will execute."

  • Debian Security Advisory: fetchmail buffer overflow (Jun 16, 2001, 16:53)
    "Wolfram Kleff found a problem in fetchmail: it would crash when processing emails with extremely long headers. The problem was a buffer overflow in the header parser which could be exploited."