Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Nov 28, 2001

  • Caldera Security Advisory: Linux - IMP/HORDE cross site scripting vulnerability (2001-11-28 22:09:31)
    "The webmail frontend IMP has a cross site scripting problem, allowing a remote attacker to send you an E-mail with a malformed URL that when clicked on will open your mail session to the attacker, allowing him to read and delete your E-mails."

  • Red Hat Security Advisory: Updated postfix packages are available (2001-11-28 22:04:06)
    "A malicious user could get postfix to exhaust a machine's memory by abusing its session cache which could result in a denial of service attack. The updated postfix packages will fix these potential problems."

  • Red Hat Security Advisory: Updated wu-ftpd packages are available (2001-11-28 20:58:06)
    "An overflowable buffer exists in earlier versions of wu-ftpd. An attacker could gain access to the machine by sending malicious commands."

  • IBM developerWorks: PKCS #11 openCryptoki for Linux (2001-11-28 20:45:38)
    "This article will discuss openCryptoki, an API that is rapidly becoming the de facto, non-Windows-platform industry standard for interfacing between cryptographic hardware and user space applications. In particular, this article will introduce the specifics of the PKCS #11 implementation to IBM cryptographic hardware (openCryptoki)..."

  • LinuxSecurity.com: Oskar Andreasson IP Tables Tutorial (2001-11-28 16:12:31)
    "At the beginning it was mainly aimed at the beginners and novices of iptables and who had a little bit of experience with TCP/IP networking as well as Linux basics. I still think the tutorial is aimed at those, but it contains more information today about the advanced functions of netfilter and iptables so it might be fairly well suited for the advanced users as well who might find some interesting reads in the tutorial."