Linux Today: Linux News On Internet Time.

SecurityPortal: Weekly Linux Security Digest: 2001/05/21 to 2001/05/27

May 28, 2001, 16:45 (0 Talkback[s])
(Other stories by Kurt Seifried)
"The only really new thing is the man page vulnerability in Red Hat, which if exploited could allow a user to gain "man" privileges, which doesn't sound to bad until you realize that root will probably run "man" and then bad things might happen. In other news we have Apache 1.3.20, mostly for some bugs in the Windows/OS/2 port, but, in any event upgrading is advisable. We also have two new source code vulnerability scanners, RATS and flawfinder. If you're a programer you should probably take a look at these (and ITS4). Otherwise it's mostly vendors playing catch-up with Mandrake and TurboLinux fixing older problem or reissuing fixes.

We lead off with general advisories and exploit code, then move to vendor advisories. Most items appear in alphabetical order. If we're missing a Linux vendor's advisory, please tell us - ditto for any Linux-related security alerts. The long strings of hex in front of package names are MD5 signatures."

Complete Story

Related Stories: