dcsimg
Linux Today: Linux News On Internet Time.








More on LinuxToday

Security Linux News for Nov 06, 2001

  • SuSE Security Announcement: webalizer (2001-11-06 16:25:07)
    "An exploitable bug was found in webalizer which allows a remote attacker to execute commands on other client machines or revealing sensitive information by placing HTML tags in the right place. This is possible due to missing sanity checks on untrusted data - hostnames and search keywords in this case - that are received by webalizer. This kind of attack is also known as "Cross-Site Scripting Vulnerability"."

  • Jeremy Allison & Andrew Tridgell: Analysis of the MS Settlement and What It Means for Samba. (2001-11-06 08:28:25)
    "The Samba Team would welcome Microsoft documenting its proprietary server protocols. Unfortunately this isn't what the settlement stipulates."