Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Aug 12, 2002

  • Linux and Main: Konqueror SSL Vulnerability [Fix] (2002-08-12 23:50:53)
    "As has been widely reported, particularly in The Register, there is a vulnerability in KDE's Konqueror web browser which makes it easy to forge SSL certificates..."

  • SuSE Linux Advisory: i4l (2002-08-12 21:48:04)
    "The ipppd program which is part of the package contained various buffer overflows and format string bugs. Since ipppd is installed setuid to root and executable by users of group 'dialout' this may allow attackers with appropriate group membership to execute arbitrary commands as root..."

  • Red Hat Linux Advisory: tcl/tk (2002-08-12 21:46:21)
    "Updated Tcl/Tk packages for Red Hat Linux 7 and 7.1 fix two local vulnerabilities..."

  • The Register: SSL Defeated in IE and Konqueror (2002-08-12 21:45:15)
    "A colossal stuff-up in Microsoft's and KDE's implementation of SSL (Secure Sockets Layer) certificate handling makes it possible for anyone with a valid VeriSign SSL site certificate to forge any other VeriSign SSL site certificate, and abuse hapless Konqueror and Internet Explorer users with impunity..."

  • ZDNet UK: Flash Player Allows Attacks on Windows, Linux (2002-08-12 17:00:46)
    "Macromedia has warned that its Flash Player, a ubiquitous application for playing multimedia files, has a vulnerability that could allow attackers to run malicious code on Windows and Unix-based operating systems..."

  • Debian GNU/Linux: hylafax (2002-08-12 15:56:19)
    "A set of problems have been discovered in Hylafax, a flexible client/server fax software distributed with many GNU/Linux distributions..."