|
LinuxSecurity.com - Security Advisories
|
The central voice for Linux and Open Source security news.
|
-
Slackware: samba
LinuxSecurity.com: New samba packages are available for Slackware 12.2 and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022
-
Mandriva: Subject: [Security Announce] [ MDVA-2009:002 ] msec
LinuxSecurity.com: This update fixes the following two issues with msec: when changing to a higher security level, permit_root_login is not handled correctly (bug #19726)
-
Ubuntu: Samba vulnerability
LinuxSecurity.com: Gunter Höckel discovered that Samba with registry shares enabled did not properly validate share names. An authenticated user could gain access to the root filesystem by using an older version of smbclient and specifying an empty string as a share name. This is only an issue if registry shares are enabled on the server by setting "registry shares = yes", "include = registry", or "config backend = registry", which is not the default.
-
RedHat: Important: kernel security update
LinuxSecurity.com: Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 running on 64-bit architectures. This update has been rated as having important security impact by the Red Hat Security Response Team.
-
Debian: New Ruby packages fix denial of service
LinuxSecurity.com: The regular expression engine of Ruby, a scripting language, contains a memory leak which can be triggered remotely under certain circumstances, leading to a denial of service condition (CVE-2008-3443).
-
Debian: New xterm packages fix remote code execution
LinuxSecurity.com: Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences (CVE-2008-2383).
|
News Feeds