Bugs

Niki Guldbrand niki at lunar-linux.org
Mon Aug 11 15:26:26 GMT 2003


So time for some more bugs...

The Postfix bugs don't affect us.
I have te patches for the netfilter bugs, and will start to put them in
now.

20. TightVNC

    Vendor: Kaplinsky, Constantin

    An unspecified vulnerability was reported in TightVNC in the
    authentication code.  A remote user may be able to bypass the
    authentication process.

    Impact: Host/resource access via network

    Alert: http://securitytracker.com/alerts/2003/Aug/1007417.html


21. Everybuddy

    Vendor: everybuddy.com

    A denial of service vulnerability was reported in Everybuddy.
    A remote user can cause a target user's client to crash.

    Impact: Denial of service via network

    Alert: http://securitytracker.com/alerts/2003/Aug/1007416.html


35. Postfix

    Vendor: Postfix.org

    A vulnerability was reported in Postfix.  A remote user can use
    a Postfix server to scan for open/closed ports on other hosts.

    Impact: Host/resource access via network

    Alert: http://securitytracker.com/alerts/2003/Aug/1007382.html


36. Postfix

    Vendor: Postfix.org

    A denial of service vulnerability was reported in Postfix.  A
    remote user may be able to cause the queue manager to lock up.

    Impact: Denial of service via network

    Alert: http://securitytracker.com/alerts/2003/Aug/1007381.html


40. Netfilter

    Vendor: Netfilter.org

    A vulnerability was reported in the network address translation
    (NAT) implementation in Netfilter.  A remote user may be able to
    cause the target system to crash.

    Impact: Denial of service via network

    Alert: http://securitytracker.com/alerts/2003/Aug/1007376.html


41. Netfilter

    Vendor: Netfilter.org

    A vulnerability was reported in Netfilter in the connection
    tracking function.  On certain versions of the Linux kernel, a
    remote user can cause denial of service conditions on the target
    system.

    Impact: Denial of service via network

    Alert: http://securitytracker.com/alerts/2003/Aug/1007375.html



More information about the lunar-dev mailing list