Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Feb 14, 2001

  • O'Reilly Network: Security Alerts: Linux Kernel Problems; SSH Design Flaw (Feb 14, 2001, 21:28)
    "In this column, we look at a system call problem and a race condition in the Linux kernel; buffer-overflow problems in SSH-1 and XMail; denial-of-service vulnerabilities in BIND 9.0.1 and ProFTPD; string format problems in man; design flaws in wireless networking security code; and temporary file problems in FreeBSD's sort."

  • Security Portal: Firewalls - The Network Filter and Proxy (Feb 14, 2001, 21:16)
    "Network firewalls are by far the most common. They can be implemented on virtually any operating system that has a network stack. The first network firewalls were (and some still are) non-stateful - that is, each packet was examined individually, the firewall having no concept of the packet's larger identity."

  • Debian Security Advisory: New m68k packages of XFree86 released (Feb 14, 2001, 20:44)
    "Several people have noted a number of problems in several components of the X Window System sample implementation (from which XFree86 is derived)."

  • Trustix Security Advisory - proftpd, kernel (Feb 14, 2001, 08:37)
    "A race condition in ptrace allows a malicious user to gain root...Several memory leaks connected to the USER and SIZE ftp commands leading to potential DoS have been fixed."