Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Aug 12, 2002

  • Linux and Main: Konqueror SSL Vulnerability [Fix] (Aug 12, 2002, 23:50)
    "As has been widely reported, particularly in The Register, there is a vulnerability in KDE's Konqueror web browser which makes it easy to forge SSL certificates..."

  • SuSE Linux Advisory: i4l (Aug 12, 2002, 21:48)
    "The ipppd program which is part of the package contained various buffer overflows and format string bugs. Since ipppd is installed setuid to root and executable by users of group 'dialout' this may allow attackers with appropriate group membership to execute arbitrary commands as root..."

  • Red Hat Linux Advisory: tcl/tk (Aug 12, 2002, 21:46)
    "Updated Tcl/Tk packages for Red Hat Linux 7 and 7.1 fix two local vulnerabilities..."

  • The Register: SSL Defeated in IE and Konqueror (Aug 12, 2002, 21:45)
    "A colossal stuff-up in Microsoft's and KDE's implementation of SSL (Secure Sockets Layer) certificate handling makes it possible for anyone with a valid VeriSign SSL site certificate to forge any other VeriSign SSL site certificate, and abuse hapless Konqueror and Internet Explorer users with impunity..."

  • ZDNet UK: Flash Player Allows Attacks on Windows, Linux (Aug 12, 2002, 17:00)
    "Macromedia has warned that its Flash Player, a ubiquitous application for playing multimedia files, has a vulnerability that could allow attackers to run malicious code on Windows and Unix-based operating systems..."

  • Debian GNU/Linux: hylafax (Aug 12, 2002, 15:56)
    "A set of problems have been discovered in Hylafax, a flexible client/server fax software distributed with many GNU/Linux distributions..."