Section: .. / advisories / cert /
|
See the CERT website for more information.
|
| /// File Name: |
CA-96.18.fm_fls |
Description:
|
This advisory reports a configuration problem in the floating license server for Adobe FrameMaker (fm_fls). A workaround is provided.
| | File Size: | 9965 | | Last Modified: | Sep 14 07:49:01 1999 |
| MD5 Checksum: | b88e8b0a42f47e99afbdba8f0ed591b0 |
|
| /// File Name: |
CA-96.19.expreserve |
Description:
|
** This advisory supersedes CA-93:09 and CA-93:09a. ** It provides information about a vulnerability in the expreserve utility. A workaround and vendor information are included.
| | File Size: | 13398 | | Last Modified: | Sep 14 07:49:03 1999 |
| MD5 Checksum: | 8d3886d64c9be44bbdb359769b9e509d |
|
| /// File Name: |
CA-96.20.sendmail_vul |
Description:
|
This advisory describes a vulnerability in all versions of sendmail prior to 8.7.6, and includes a workaround and patch information.
| | File Size: | 27176 | | Last Modified: | Sep 14 07:49:04 1999 |
| MD5 Checksum: | 4b21d5c259b9eeabe666aa2e03de41d6 |
|
| /// File Name: |
CA-96.21.tcp_syn_flooding |
Description:
|
** This advisory supersedes the IP spoofing portion of CA-95:01. ** It describes denial-of-service attacks through TCP SYN flooding and IP spoofing. Advice about filtering is included.
| | File Size: | 23015 | | Last Modified: | Sep 14 07:49:05 1999 |
| MD5 Checksum: | ad36afe8596aa155911012e3784d2dff |
|
| /// File Name: |
CA-96.22.bash_vuls |
Description:
|
This advisory addresses two problems with the GNU Project's Bourne Again SHell (bash): one in yy_string_get() and one in yy_readline_get().
| | File Size: | 10780 | | Last Modified: | Sep 14 07:49:06 1999 |
| MD5 Checksum: | 8faa3d5f2ef45f3d52ac8cc1473ecce1 |
|
| /// File Name: |
CA-96.23.workman_vul |
Description:
|
This advisory describes a vulnerability in the WorkMan compact disc-playing program that affects UNIX System V Release 4.0 and derivatives and Linux systems.
| | File Size: | 8274 | | Last Modified: | Sep 14 07:49:09 1999 |
| MD5 Checksum: | daf625258a6d66bfa1ce893de5b94451 |
|
| /// File Name: |
CA-96.24.sendmail.daemon.mode |
Description:
|
It describes a security problem relating to the daemon mode in sendmail 8.7 through 8.8.2. The advisory also includes a note about two vulnerabilities in versions 8.8.0 and 8.8.1; these have been fixed as well.
| | File Size: | 22770 | | Last Modified: | Sep 14 07:49:10 1999 |
| MD5 Checksum: | a3f743b790519cf675a1392e59e9963f |
|
| /// File Name: |
CA-96.25.sendmail_groups |
Description:
|
The advisory describes a security problem affecting sendmail version 8 relating to group-writable files. Vendor patches and a workaround are included.
| | File Size: | 20528 | | Last Modified: | Sep 14 07:49:11 1999 |
| MD5 Checksum: | 8102a89180cbfbead6c31780fe9f69e6 |
|
| /// File Name: |
CA-96.26.ping |
Description:
|
This advisory describes a denial-of-service attack using large ICMP datagrams issued via the ping command. Vendor information is included.
| | File Size: | 17445 | | Last Modified: | Sep 14 07:49:12 1999 |
| MD5 Checksum: | 9137b4491befe0c88a9116cd55124621 |
|
| /// File Name: |
CA-96.27.hp_sw_install |
Description:
|
This advisory describes a vulnerability in Hewlett-Packard SD-UX that may allow local users to gain root privileges. A workaround is included.
| | File Size: | 12311 | | Last Modified: | Sep 14 07:49:13 1999 |
| MD5 Checksum: | 1b27c3c2249ae1e5db0efc2d690bd391 |
|
| /// File Name: |
CA-97.01.flex_lm |
Description:
|
This advisory describes multi-platform UNIX FLEXlm vulnerabilities. These problems may allow local users to create arbitrary files on the system and execute arbitrary programs using the privileges of the user running the FLEXlm daemons.
| | File Size: | 28451 | | Last Modified: | Sep 14 07:49:14 1999 |
| MD5 Checksum: | 0e933250b36e5cc09a16eda5d7d32aef |
|
| /// File Name: |
CA-97.02.hp_newgrp |
Description:
|
This advisory describes a vulnerability in the newgrp(1) program under HP-UX 9.x and 10.x that may allow users to gain root privileges. A workaround is provided.
| | File Size: | 10088 | | Last Modified: | Sep 14 07:49:15 1999 |
| MD5 Checksum: | 4e9fd81a8b10694c8b297e408aead7cf |
|
| /// File Name: |
CA-97.03.csetup |
Description:
|
A vulnerability in the csetup program under IRIX versions 5.x, 6.0, 6.0.1, 6.1, and 6.2 allows local users to create or overwrite arbitrary files on the system and ultimately gain root privileges. A workaround is provided.
| | File Size: | 6232 | | Last Modified: | Sep 14 07:49:16 1999 |
| MD5 Checksum: | 780bde03fc3ec2e10d7b2e3ec70de97a |
|
| /// File Name: |
CA-97.04.talkd |
Description:
|
A vulnerability in talkd(8) program used by talk(1) makes it possible to provide corrupt DNS information to a host and to remotely execute arbitrary commands with root privileges. The advisory includes information on how to solve the general problem as well as the specific one.
| | File Size: | 18571 | | Last Modified: | Sep 14 07:49:17 1999 |
| MD5 Checksum: | 68fba9c8d26263bc31af1ed2639c9629 |
|
| /// File Name: |
CA-97.05.sendmail |
Description:
|
This advisory addresses a MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. The advisory includes vendor information, pointers to the latest version of sendmail, a workaround, and general precautions to take when using sendmail.
| | File Size: | 21852 | | Last Modified: | Sep 14 07:49:18 1999 |
| MD5 Checksum: | 56e62f30ecc526f6f4a77a3cdc35fc89 |
|
| /// File Name: |
CA-97.06.rlogin-term |
Description:
|
This advisory reports a vulnerability in many implementations of the rlogin program, including eklogin and klogin. Vendor information and a workaround are included.
| | File Size: | 18465 | | Last Modified: | Sep 14 07:49:19 1999 |
| MD5 Checksum: | 78fd56082966061112a5ce4576d73a43 |
|
| /// File Name: |
CA-97.07.nph-test-cgi_script |
Description:
|
This advisory points out a vulnerability in the nph-test-cgi script included with some http daemons. Readers are urged to disable the script. Vendor information is included.
| | File Size: | 10822 | | Last Modified: | Sep 14 07:49:20 1999 |
| MD5 Checksum: | 0c25a7d99a5d9e71a2ee5425339b407f |
|
| /// File Name: |
CA-97.08.innd |
Description:
|
Originally issued Topic 2 issued This advisory describes two vulnerabilities in INN (the InterNetNews server). One affects versions 1.5 and earlier; the other affects 1.5.1 and earlier. The advisory includes pointers to version 1.5.1 and earlier. Updated information on the second vulnerability was added as "Topic 2." Pointers to all relevant patches are included, along with information from vendors.
| | File Size: | 18493 | | Last Modified: | Sep 14 07:49:21 1999 |
| MD5 Checksum: | ff117c5bcf14949b0a7b05813a43daee |
|
| /// File Name: |
CA-97.09.imap_pop |
Description:
|
This advisory reports a vulnerability in some versions of the Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) implementations (imapd, ipop2d, and ipop3d). Vendor and upgrade information are included.
| | File Size: | 17809 | | Last Modified: | Sep 14 07:49:22 1999 |
| MD5 Checksum: | c1825eb50e5bb3da0be50e9cd69e2e67 |
|
| /// File Name: |
CA-97.10.nls |
Description:
|
This advisory reports a buffer overflow condition that affects some libraries using the Natural Language Service (NLS). Vendor vulnerability and patch information are included.
| | File Size: | 11589 | | Last Modified: | Sep 14 07:49:23 1999 |
| MD5 Checksum: | b4a1f10dd458571eabd0262f7ec267f6 |
|
| /// File Name: |
CA-97.11.libXt |
Description:
|
This advisory reports a buffer overflow vulnerability in the Xt library of the X Windowing System. Vendor vulnerability and patch information are included.
| | File Size: | 17094 | | Last Modified: | Sep 14 07:49:24 1999 |
| MD5 Checksum: | 3a4279e4f162c827e93903e696e012d1 |
|
| /// File Name: |
CA-97.12.webdist |
Description:
|
This advisory reports a vulnerability in the webdist.cgi-bin program, part of the IRIX Mindshare Out Box package, available with IRIX 5.x and 6.x. When exploiting this vulnerability, both local and remote users may be able to execute arbitrary commands with the privileges of the httpd daemon. A workaround is included.
| | File Size: | 10050 | | Last Modified: | Sep 14 07:49:25 1999 |
| MD5 Checksum: | b49eca1d205428b04a7c6e84a8823a02 |
|
| /// File Name: |
CA-97.13.xlock |
Description:
|
This advisory reports a buffer overflow problem in some versions of xlock. This problem makes it possible for local users to execute arbitrary programs as a privileged user. Patch information and a workaround are included.
| | File Size: | 11188 | | Last Modified: | Sep 14 07:49:26 1999 |
| MD5 Checksum: | 0f0ae0fdc12663da8b6527d6e842aa6e |
|
| /// File Name: |
CA-97.14.metamail |
Description:
|
This advisory reports a vulnerability in metamail, a package that implements MIME. All versions of metamail through 2.7 are vulnerable.
| | File Size: | 16489 | | Last Modified: | Sep 14 07:49:27 1999 |
| MD5 Checksum: | 5c1d19788a50977d4215a1bdb7660951 |
|
| /// File Name: |
CA-97.15.sgi_login |
Description:
|
This advisory describes a vulnerability in the SGI login program when the LOCKOUT parameter is set to a number greater than zero. The vulnerability is present in IRIX 5.3 and 6.2, and perhaps other
| | File Size: | 7746 | | Last Modified: | Sep 14 07:49:29 1999 |
| MD5 Checksum: | 63487ae81515eb2d586277edd64fed61 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
