Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Sep 11, 2000

  • Red Hat Security Advisory: Updated mgetty packages are now available (2000-09-11 22:32:04)
    "The mgetty-sendfax package contains a vulnerability which allows any user with access to the /var/tmp directory to destroy any file on any mounted filesystem."

  • Caldera Systems Security Advisory: Security problems in xpdf (2000-09-11 22:21:11)
    "There are two security problems in xpdf, the PDF file viewer. The first is that temporary files were created insecurely. The second problem is that xpdf was not cautious enough when the user clicked on a URL."

  • PHP Security Advisory - File Uploads (2000-09-11 19:41:52)
    "It's possible for a remote attacker to supply arbitrary file names as values for FOO, by submitting a standard form input tag by that name, and thus cause the PHP script to process arbitrary files."

  • VNU Net: Format string bugs become a problem (2000-09-11 19:29:53)
    "Bad coding practices and the ability to feed format strings to the later functions makes it possible for an attacker to execute arbitrary code as a privileged user (root) using almost any SUID [set userID] program on the vulnerable systems."

  • RootPrompt.org: They Can't Crack What They Can't Find (2000-09-11 18:10:27)
    "The Internet today is a jungle full of predators. Some of these predators are trying to crack your machine others are just looking for a machine to crack. By using the firewalling tools built into the Linux kernel it is possible to make a desktop machine virtually disappear from the crackers view."

  • Salon: When Big Brother Knows You Watch "Big Brother" (2000-09-11 12:23:31)
    "Ramsay, a thick-throated Scot and former Silicon Graphics senior vice president, remains convinced that the TiVo will radically change the way advertisers, networks and viewers interact. All this from a glorified VCR?

  • Security Portal: Weekly Linux Security Digest 2000/09/04 to 2000/09/10 (2000-09-11 07:27:01)
    "More bad news this week in regards to glibc. A number of string-related problems have been found; chances are, if you updated glibc last week, you need to do it again."

  • LinuxSecurity.com: Linux Security Week, September 11th 2000 (2000-09-11 07:13:41)
    "Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines."