---

O’Reilly Network: Security Alerts: IBM Websphere, Shockwave Flash, and emacs Advisories

“Problems this week include minor problems with sendmail,
exposure problems with Lotus Domino, problems in the default setup
of Informix Webdriver and IBM Websphere Commerce Suite, a buffer
overflow in Shockwave Flash, denial of service attacks against
login, privacy problems in emacs, symlink attack in exmh, and a
potential exploit against GTK+.”

“Sendmail, Inc. and the Sendmail Consortium have released
sendmail 8.11.2. Fixed in sendmail 8.11.2 is a segmentation fault
in address test mode (not believed to be exploitable), IPv6 address
problems, a problem with the Cyrus-SASL security layer, a problem
with QueueSortOrder by host, delivery to set-user-ID files expanded
from aliases, and many more.”

“Lotus Domino 5.0.5’s web server has a vulnerability that can be
used to read files outside the web server root. By using a
carefully crafted URL, a remote user can read arbitrary files on
the web server. This can be used to gather information on the
system that can be used in an attack.”

