CentOS 4 : ntp (CESA-2006:0393)

Updated ntp packages that fix several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a reference time source. The NTP daemon ntpd, when run with the...

RHEL 4 : ntp (RHSA-2006:0393)

Updated ntp packages that fix several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a reference time source. The NTP daemon ntpd, when run with the...

Opsware Network Automation System weak permissions

/etc/init.d/mysqll init script contains MySQL 'root' account password in cleartext...

RHEL 4 : openssh (RHSA-2006:0044)

Updated openssh packages that fix bugs in sshd and add auditing of user logins are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. This...

DEBIAN-CVE-2005-3118

Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot...

[SECURITY] [DSA 845-1] New mason packages fix missing init script

-------------------------------------------------------------------------- Debian Security Advisory DSA 845-1 [email protected] http://www.debian.org/security/ Martin Schulze October 6th, 2005 http://www.debian.org/security/faq -...

CVE-2005-3118

Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot...

CVE-2005-3118

CVE-2005-3118 concerns mason: Mason before 1.0.0 fails to install the init script after configuration, leaving the system without a firewall at boot. Debian’s DSA-845-1 notes this is a programming error and provides fixes across distributions (woody: 0.13.0.92-2woody1; sarge: 1.0.0-2.2; sid: 1.0....

Tomcat: Insecure installation

Background Tomcat is the Apache Jakarta Project's official implementation of Java Servlets and Java Server Pages. Description The Gentoo ebuild for Tomcat sets the ownership of the Tomcat init scripts as tomcat:tomcat, but those scripts are executed with root privileges when the system is started...

Уязвимость init-скрипта в linux

Скрипт стартует с umask 022, в результате все создаваемые файлы открыты на запись...

2.4.x/Slackware Init script vulnerability

I posted this to the linux kernel mailing last Friday, July 13th 2001: Submitted by : Josh [email protected], lockdown [email protected] on July 16th, 2001 Vulnerability : /lib/modules/2.4.5/modules.dep Tested On : Slackware 8.0. 2.4.5 Local : Yes Remote : No Temporary Fix : umask 022 at...