Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs



Top White Papers




More on LinuxToday

Security Linux News for Jan 10, 2002

  • Red Hat Security Advisory: Updated namazu packages are available (Jan 10, 2002, 03:42)
    "Namazu is a full-text search engine. Namazu 2.0.9 and earlier may inadvertently include malicious HTML tags or scripts in a dynamically generated page, based on unvalidated input from untrustworthy sources. Also, a buffer overflow vulnerability exists in the buffer size of an environment variable."

  • Conectiva Linux Security Announcement: proftpd (Jan 10, 2002, 03:40)
    "ProFTPD was not forward resolving reverse-resolved hostnames. A remote attacker could explore this vulnerability[1] to bypass ProFTPD access control lists or have false information (client hostname) logged. ... A DoS vulnerability[2] was found by Frank Denis. By sending a malicious command to the server, a remote attacker could force the process to consume all CPU and memory resources available to it."