Bugs
Niki Guldbrand
niki at lunar-linux.org
Mon Nov 3 14:10:31 GMT 2003
Hi All.
Here is something to look at again, but it's mustly stuff that allready
has been updated.
Number 18, 19 and 20 was fixed with the update done the other day.
And 36 need some attention...
18. Apache mod_rewrite
Vendor: Apache Software Foundation
A vulnerability was reported in the Apache mod_rewrite
component. A remote user may be able to trigger a buffer overflow.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2003/Oct/1008030.html
19. Apache mod_alias
Vendor: Apache Software Foundation
A vulnerability was reported in the Apache mod_alias component.
A remote user may be able to trigger a buffer overflow.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2003/Oct/1008029.html
20. Apach mod_cgid
Vendor: Apache Software Foundation
A vulnerability was reported in the Apache web server in the
mod_cgid component. CGI output may be disclosed to another client
in certain situations.
Impact: Disclosure of user information
Alert: http://securitytracker.com/alerts/2003/Oct/1008028.html
36. Libnids
Vendor: libnids.sourceforge.net
A vulnerability was reported in Libnids. A remote user may be
able to execute arbitrary code on the target system, depending on
the application using libnids.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2003/Oct/1008009.html
Niki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dbguin.lunar-linux.org/mailman/private/lunar-dev/attachments/20031103/1f63de8c/attachment.bin
More information about the lunar-dev
mailing list