LinuxSecurity.com: Linux Advisory Watch - February 9th 2001Feb 09, 2001, 16:47 (0 Talkback[s])
(Other stories by Benjamin D. Thomas)
[ Thanks to Benjamin D. Thomas for this link. ]
"This week, advisories were released for glibc, proftp, bind, ja-xklock, ja-elvis, ja-helvis, dc20ctrl, mars_nwe, XEmacs, SSH1, slocate, and the 2.2/2.4 kernel. The vendors include Caldera, Conectiva, FreeBSD, Immunix, Red Hat, and TurboLinux."
"Caldera's kernel advisory can not be ignored. They report that an attacker can read large parts of the kernel's memory by bypassing a negative offset to sysctl(). Also, a race condition exist that may allow an attacker to modify running processes. Also this week, FreeBSD releases many advisories that may lead to root compromises. We advise that you update immediately."
"Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability."